IAM Remediation & Identity Security Analyst
Position: IAM Remediation & Identity Security Analyst Location:Remote (working PST hours) Contract:through November Note: This is a W2 only role — C2C, C2H will not be considered IAM Remediation & Identity Security Analyst (Contract)Position Summary We are seeking a highly experienced Identity & Access Management (IAM) professional to support identity security remediation and analysis efforts across complex enterprise environments, with a strong focus on Active Directory and Microsoft Entra ID. This is a hands-on, technical role requiring deep expertise in scripting, identity data analysis, authentication troubleshooting, and security log investigation. The ideal candidate will bring balanced experience across both on-premises Active Directory and cloud identity platforms and will be capable of translating complex identity and authentication data into actionable remediation insights and operational improvements. Top Priority Requirements (Required Screening Criteria) Recruiters should prioritize candidates with demonstrated hands-on experience in the following areas:
- Active Directory (AD) and Microsoft Entra ID — strong experience in both environments
- Advanced PowerShell scripting for automation, reporting, and large-scale data analysis
- Microsoft Graph API — practical, real-world implementation experience
- Splunk — advanced querying, log correlation, and investigative analysis
- Kerberos authentication troubleshooting and AD security log analysis
- Multi-Factor Authentication (MFA) implementation, validation, and troubleshooting
- Conditional Access policy design, administration, and remediation
- Continuous Access Evaluation (CAE) concepts and operational application
Candidates should demonstrate true engineering and troubleshooting experience, not simply administrative exposure. Core Responsibilities
- Analyze identity platforms and identify security gaps, misconfigurations, and operational risks
- Support remediation activities related to identity security findings across Active Directory and Microsoft Entra ID
- Develop and execute PowerShell scripts to extract, transform, analyze, and report on identity data
- Utilize Microsoft Graph API and directory services to perform deep-dive identity and access analysis
- Investigate authentication flows, including Kerberos-related authentication and authorization issues
- Query and analyze security logs within Splunk to identify trends, anomalies, and suspicious activity
- Evaluate and enhance Conditional Access and MFA configurations to align with security best practices
- Track remediation progress and generate reporting artifacts using Power BI or equivalent reporting platforms
- Document technical findings and communicate recommendations clearly to technical stakeholders and project teams Candidate Profile The ideal candidate will demonstrate:
- Strong analytical and problem-solving capabilities within complex, data-heavy environments
- Proven ability to translate raw log and identity data into actionable remediation recommendations
- Deep technical expertise across both on-premises and cloud identity ecosystems
- Experience collaborating with Security, IAM, Infrastructure, and Operations teams
- Strong verbal and written communication skills, with the ability to clearly articulate technical findings and remediation guidance
- A hands-on engineering mindset with the ability to work independently and drive issues to resolution Preferred / Nice-to-Have Skills The following experience is highly desirable but not required:
- Experience with CyberArk and privileged access management (PAM) platforms
- Experience with Okta, including federation and identity integration scenarios
- Familiarity with identity governance, access reviews, and enterprise authentication architectures
- Experience supporting identity security initiatives within large enterprise or regulated environment