Title: Client IAM Analyst
Location: Chicago, IL or Tempe, AZ Hybrid
Duration: 12 months with possibility of extension
 
Responsibilities:

• Support the Authentication workstream within IEM, specifically client authentication (Client IGA / Client IAM/ CIEM / CIGA).
• Govern and document authentication controls related to clients who hold assets.
• Work closely with application owners to:
• Understand application authentication needs
• Validate controls, configurations, and access entitlements
• Ensure appropriate risk treatments are defined and followed for client authentication.
• Track, remediate, and report on Obsidian-related findings (if applicable).
• Perform governance and audit support activities, including:
• Extensive documentation
• Excel-based tracking and reporting
• Data management
• Audit preparation and evidence collection
• Participate in a firm-wide SAS governance initiative, where IAM (and authentication specifically) is one component of a larger compliance effort.
• Support environments spanning cloud, hybrid, and legacy systems, with on-prem applications migrating to Azure.

 
Skills & Requirements

• Experience with client-focused authentication (not internal workforce IAM).
• Strong understanding of:
• Client authentication controls
• Client risk and risk mitigation strategies
• Access entitlements and baseline authentication configurations
• Governance experience (documentation-heavy role).
• Audit experience, including audit support and reporting.
• Strong Excel skills and comfort with data tracking.
• Familiarity with authentication models and tools, including:
• Okta (client authentication use cases specifically)
• PING Federate
• Understanding of various authentication methods (biometrics mentioned only as an example; not required to have implemented).
• Experience working in highly sensitive, regulated environments.

 
Experience:

• Client IGA / Client IAM experience using any relevant tool.
• Audit experience supporting governance, controls testing, and documentation.
• Knowledge of client-facing risk, controls, and compliance requirements.
• Prior work in financial services or similarly regulated industries is beneficial.

 
Top 3 must-haves:

• Experience with client IGA (any relevant tool)
• Audit experience
• Understanding of client controls and client-related risks

 
Nice to Haves:

• Hands-on experience with Okta for client authentication (preferred, not mandatory).
• Experience with Obsidian Security, particularly remediation.
• Azure exposure, especially in environments migrating from on-prem to cloud.

Familiarity with similar client IAM tools beyond Okta and PING 
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 68.75/hr.