What Will You Be Doing?Frontier is looking for a talented and experienced Sr Analyst of Identity & Access Governance (IAG) to join our growing Cybersecurity IAG team. This role is perfect for an identity analyst with experience in Identity Governance & Administration (IGA) systems, passionate in access control disciplines.
The IAG Sr Analyst will support functional and technical aspects of the Identity Access Governance function. The Sr Analyst will support functions that support authentication, authorization, profile management, and federation at Frontier Airlines. The Sr Analyst is responsible for supporting the IAG program maturity, implementing and increasing adoption by onboarding technology platforms, maturing processes, and providing actionable guidance on security standards & best practices. The IAG Sr Analyst will support access provisioning (joiners/movers/leavers), governance, and administrative needs across the Frontier organization. The candidate will work on the adoption and expansion of the corporate Identity Governance & Administration (IGA) platform.
The IAG Sr Analyst will expand the centralized access management architecture, to mature the automation of provisioning and governance for enterprise applications. The Sr Analyst will collaborate with cross-functional teams to implement and support secure identity and access management solutions for the organization. The candidate will work to ensure that employees, business partners, and contractors have the right access to the right systems at the right times for the right reasons.
Essential Functions- Support the design, configuration, and implementation of an Identity Governance & Administration (IGA) solution that provides capabilities to manage identity lifecycles (of joiners, movers, leavers) and entitlement reviews (e.g., user access reviews, privileged access reviews).
- Work with internal stakeholders/business partners to gather and document IGA requirements for new and existing applications and systems.
- Work closely with stakeholders to understand their requirements, translate them into technical specifications, and design/implement IGA solutions that meet those requirements.
- Leading IAM projects and initiatives and developing strategies for identity and access management.
- Assist with the compliance requirements for implementing new authoritative sources.
- Conduct critical application Password Audits to satisfy SOX requirements.
- Support technical functions that automate provisioning and de-provisioning of user access, managing entitlements, managing roles, and enforcing policies for compliance purposes.
- Develop and maintain workflows, rules, and policies within IGA platforms for managing access requests, approvals, and access certification.
- Configure/manage access certification campaigns, developing access rules, and managing access workflows.
- Monitor, manage, and troubleshoot the IGA platform environment to ensure its high availability, stability, reliability, and security.
- Perform regular IGA solution maintenance/upgrades, troubleshoot, resolve issues, and ensure the system's performance and availability.
- Mentoring junior analysts and providing guidance on best practices.
- Analyze system requirements, including identifying interactions and appropriate interfaces between affected components and sub systems.
- Work collaboratively with vendors, consultants, and other third-party service providers to implement and maintain IGA solutions.
- Providing consulting and subject matter expertise to various business units and ensuring compliance with internal policies and regulatory requirements.
- Develop and/or review system specifications, including output requirements, flow charts and technical diagrams.
- Supports software system testing & validation procedures, programming, and documentation.
- Collaborate with cross-functional teams to develop IAG strategies, roadmaps, and standards that align with business goals and objectives.
- Provide technical expertise in the areas of access control, identity governance, and authentication & authorization to ensure compliance with industry regulations and standards such as SOX, PCI-DSS, and TSA.
- Handling complex IGA issues and providing advanced troubleshooting support.
- Work collaboratively with other teams to develop and implement security policies, procedures, and best practices that support the organization's overall IAG posture.
- Develop and maintain detailed documentation on IGA solutions, processes, and procedures to ensure compliance with internal policies and regulatory requirements.
- Work collaboratively with internal and external auditors to provide evidence of compliance with IAG policies/procedures and develop remediation plans for any identified gaps.
- Provide training and support to end-users on IAG-related topics to ensure that they are able to access the resources they need, support joiner/mover/leaver provisioning processes, while adhering to security policies and procedures.
- Provide training and support to end-users on IAG -related topics, including self-service password reset, access requests, and entitlement reviews.
- Stay up to date with emerging IGA technologies and best practices and provide recommendations for improving the IGA solutions and processes to meet the evolving needs of the organization.
Qualifications- Bachelor's degree in Computer Science, Information Systems, or a related field; or equivalent work experience (required).
- 5+ years of experience configuring, implementing, and maintaining a packaged or custom IGA solution, such as: Saviynt, SailPoint, ForgeRock, or equivalent tool (required).
- 4+ years of experience in configuring, implementing, and maintaining SailPoint IdentityNow and/or SailPoint IdentityIQ (required).
- Experience with Microsoft Azure Active Directory (required).
- Experience using PowerShell for reporting and automation (required).
- Experience using database connections and SQL queries (required)
- Working knowledge in infrastructure technologies such as Linux, Windows, and LDAP (required).
- Experience on SailPoint IdentityNow with developing custom workflows, connectors, rules, and policies (required).
- Certifications such as SailPoint Certified IdentityNow Engineer (desired).
- Certifications such as CISSP, CISM, or CISA (desired).
Knowledge, Skills, and Abilities- Proficient in developing and maintaining policies, standards, and guidance artifacts.
- Expert knowledge in core identity domains: Identity Governance & Administration (IGA), Privileged Access Management, Authentication, Authorization, and Identity Lifecycle Management.
- In-depth knowledge of Identity and Access Management concepts, technologies, and best practices, including user provisioning, access certification, role management, and entitlements management.
- Hands-on experience designing, implementing, and deploying IGA solutions in an enterprise environment, such as Azure AD, Okta, SailPoint, Saviynt, ForgeRock.
- Subject matter expert for IAG including: role-based access control (RBAC), access request, and certification.
- Demonstrates extensive understanding of IAG concepts such as directory services, SSO, federation, MFA, provisioning, access certification, roles, and segregation of duties (SOD).
- In-depth knowledge of legacy and modern authentication protocol differences (such as RADIUS, SAML, OpenID, Oauth, and LDAP).
- Deep understanding of SailPoint IdentityNow architecture and components, and be able to perform regular maintenance and upgrades, troubleshoot and resolve issues, and ensure system performance & availability.
- Security best practices for Windows-based and Linux-based systems including authentication principles and components.
- Experience in implementing and supporting IGA solutions in large and complex environments.
- Solid understanding of security and compliance regulations such as GDPR, SOX, PCI DSS, and HIPAA.
- Strong problem-solving and troubleshooting skills with the ability to analyze complex issues, identify root causes, and implement effective solutions.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and business partners.
- Strong project management skills, with the ability to manage multiple projects simultaneously and deliver on time and within budget.
- Exceptional consultative and interpersonal skills that have resulted in business relationships of impeccable trust, confidence, and results.
- Exhibit leadership skills required to manage resources as well as projects deliverables.
- Knowledge of industry trends and current and emerging risks.
- Self-directed professional with strong work ethics and excellent organizational skills.
- Strong leadership and negotiation skills with business and technical group.
Equipment OperatedComputer and IGA-related infrastructure.
Work EnvironmentTypical office environment, adequately heated and cooled.
Will require being on call for afterhours and weekend support.
Physical EffortLight physical effort required by handling objects up to 20 pounds occasionally and/or up to 10 pounds frequently.
Supervision ReceivedGeneral Direction: The incumbent normally receives little instruction on day-to-day work and receives general instructions on new assignments.
Salary Range: Please note: $90,094 - $119,583 this posting has a closing date of on or before midnight 9.30.26 MT.
Positions SupervisedNone
Workplace PoliciesDisclaimer: The above statements are intended only to describe the general nature and level of work required of the referenced position; they are not intended to be an exhaustive list of all responsibilities, duties, and skills required of individuals in this position. Please be advised that duties and expectations of this position may be subject to change.