Senior, IT Security Specialist

Job Description

The Senior IT Security IAM Specialist is a key technical leadership role responsible for designing, implementing, and maintaining enterprise-wide identity management systems. This position ensures secure, compliant, and efficient access to company resources, specializing in user provisioning, privileged access management (PAM), and identity governance. The Senior Specialist will lead IAM projects, enforce "least privilege" access policies, and enhance IAM security. 

Please note this is a hybrid opportunity. The position can be based in one of the following locations; Nooristown, PA, or Secaucus, NJ

Pay Range:$100,000 - $120,000 / year

Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications obtained. Market and organizational factors are also considered. Successful candidates may be eligible to receive annual performance bonus compensation.

Benefits Information:

We are proud to offer best-in-class benefits and programs to support employees and their families in living healthy, happy lives. Our pay and benefit plans have been designed to promote employee health in all respects – physical, financial, and developmental. Depending on whether it is a part-time or full-time position, some of the benefits offered may include:

• Day 1 Medical, supplemental health, dental & vision for FT employees who work 30+ hours
• Best-in-class well-being programs
• Annual, no-cost health assessment program Blueprint for Wellness®
• healthyMINDS mental health program
• Vacation and Health/Flex Time
• 6 Holidays plus 1 "MyDay" off
• FinFit financial coaching and services
• 401(k) pre-tax and/or Roth IRA with company match up to 5% after 12 months of service
• Employee stock purchase plan
• Life and disability insurance, plus buy-up option
• Flexible Spending Accounts
• Annual incentive plans
• Matching gifts program
• Education assistance through MyQuest for Education
• Career advancement opportunities
• and so much more!

Responsibilities:

•    System Ownership & Design: Serve as a subject matter expert (SME) for IAM platforms (e.g., SailPoint, Okta, Azure AD, CyberArk), designing scalable, secure authentication and authorization workflows.
•    Access Management & Provisioning: Oversee the full lifecycle management of digital identities (joiners, movers, leavers), including non-person ID creation, role-based access control (RBAC), and user access reviews.
•    Privileged Access Management (PAM): Implement and manage PAM solutions to secure, monitor, and manage privileged accounts, ensuring compliance with security policies.
•    Automation & Integration: Drive automation initiatives to streamline provisioning/de-provisioning, integrating IAM systems with HR systems and cloud applications (AWS, Azure) using scripting languages like PowerShell or Python.
•    Knowledge/ experience in  CSS, JavaScript, jQuery, Swift (for iOS Mobile App Development) & Java (for Android Mobile App Development). C#.net web development as a nice to have
•    Compliance & Audit: Conduct regular access audits, entitlement reviews, and certification campaigns to ensure adherence to regulatory requirements (e.g., SOX, HIPAA, GDPR).
•    Incident Response: Serve as a high-level responder for IAM-related incidents, such as compromised credentials or unauthorized access, and conduct root cause analysis. 
•    Provide support for the team on a 24 hour a day, 7 days a week basis when necessary 
•    Implementation and support – day to day IT security  
•    General supervision  
•    Work independently  
•    Provide guidance to and assist in training other specialists or business resources
•    Establish technical and process related documentation – technical leader

Qualifications:

Required Work Experience:
•    Experience: 3+ years of direct experience in Identity and Access Management, with a total of 5+ years in information security.
•    Education: Bachelor’s degree in Computer Science, Information Security, Management Information Systems, or equivalent experience
•    Technical Proficiency:
 -Platforms: Deep expertise in Microsoft Active Directory, Azure Active Directory/Entra ID, SailPoint IdentityIQ, and CyberArk.
- Protocols: Strong understanding of SAML, OAuth, OIDC, LDAP, and MFA.
- Scripting: Proficiency in PowerShell, Python, or Bash for automation.
•    Certifications (Preferred): CISSP, Certified Identity Access Manager (CIAM), or vendor-specific certifications (e.g., Okta Certified Professional, SailPoint Certified Engineer).

Preferred Work Experience:
Developing, documenting and maintaining security policies, processes, procedures and standards. Audit, compliance, governance experience.

Knowledge: 
Familiar with management framework – ISO 2700x and the ITIL, COBIT and National Institute of Standards and Technology, Risk Assessment methods and technologies, mainstream operating systems – Microsoft windows, network security appliances, identity and access management, etc. Network infrastructure – routers, switches, firewalls, etc. IT security knowledge 

Skills:
Work under pressure, analytical skills, interact with company personnel, strong leadership abilities, written and verbal communication skills, strong customer/client focus, manage expectations, build long term relationships

Soft Skills:
•    Leadership: Ability to mentor junior analysts and act as a technical lead on projects.
•    Communication: Strong ability to explain complex technical concepts to non-technical stakeholders.
•    Problem-Solving: Strong critical thinking to analyze, test, and troubleshoot complex IAM issues. 

 Additional Skills :
•    Experience with API security and integration (REST APIs).
•    Knowledge of Zero Trust architecture principles.

 #LI-RM1

51572

Quest Diagnostics honors our service members and encourages veterans to apply.

While we appreciate and value our staffing partners, we do not accept unsolicited resumes from agencies. Quest will not be responsible for paying agency fees for any individual as to whom an agency has sent an unsolicited resume.

Equal Opportunity Employer: Race/Color/Sex/Sexual Orientation/Gender Identity/Religion/National Origin/Disability/Vets or any other legally protected status.