Information Security Support Engineer

We are seeking an Identity Remediation & Onboarding Analyst to join our Information Security team, supporting identity and access remediation initiatives across the firm. - We are partnering with our CyberArk and Linux engineering teams to secure sudo access and transition users with elevated privileges to passwordless SSH sessions using CyberArk. The contractor will coordinate across technical and business stakeholders, help define and manage the migration schedule, track progress, and support issue resolution throughout the rollout. - If capacity allows, this role may also support service account remediation efforts, including onboarding service accounts into CyberArk, coordinating appropriate Safe access configurations, and ensuring proper password rotation controls are implemented. - Execute identity remediation initiatives across critical systems, eliminating orphaned accounts, stale access, excessive privileges, and unmanaged service accounts. - Perform hands-on cleanup and risk reduction across accounts, entitlements, and privileged access in alignment with firm standards. - Drive service account security improvements, including remediation of clear-text passwords, credential vaulting and rotation, ownership validation, and enforcement of lifecycle controls. - Support onboarding of applications and privileged accounts into the firm's Identity Governance & Administration (IGA) solution, and Privileged Access Management platforms in alignment to firm's access control requirements. - Reduce administrative access across critical platforms by identifying excessive privileged access and implementing least-privilege controls. - Strengthen group and entitlement governance by simplifying complex group structures and aligning them to standardized access models. - Partner with application, infrastructure, and engineering teams to implement access changes and close control gaps. - Track remediation efforts through completion, maintaining audit-ready documentation and measurable evidence of risk reduction. - Monitor shared mailboxes and ticketing queues related to remediation and onboarding activities, ensuring timely response, prioritization, and escalation. - Leverage AI tools and large language models to automate repeatable analysis, reconciliation, and documentation tasks.