New 
Senior Cybersecurity Specialist - Consumer Identity
 Spectraforce Technologies | |
 United States, Minnesota, St. Paul | |
 Jul 23, 2025 | |
|
Title: Senior Cybersecurity Specialist - Consumer Identity
Location: St. Paul, Minnesota 55117 (Onsite ) Duration: 8 weeks Position Overview The role is for a Senior Cyber Specialist focused on Consumer Identity, specifically assessing the Auth0 platform. The specialist will evaluate the configuration and governance of the Auth0 environment to ensure it aligns with security best practices. Key Responsibilities - Assess technical and process controls of the Auth0 consumer identity platform. - Ensure secure configuration and compliance with governance frameworks. - Review roles, responsibilities, regulatory compliance, consent and preference management. - Evaluate data governance principles including minimization, retention, classification, and disposition. - Validate change management processes, metrics, dashboards, and reporting. - Collaborate with product owners, engineers, and architects. - Conduct interviews, review system evidence, and assess policy adherence. The primary duties associated with this assignment include: CIAM Controls Assessment: * Validate the implementation and governance of controls related to identity provider (IdP) configuration and federation protocols (e.g., SAML, OIDC). * Evaluate the design and implementation of authorization models, including role-based (RBAC), attribute-based (ABAC), and policy-based access controls (PBAC). * Determine the strength and efficiency of security controls governing password requirements, multi-factor authentication (MFA), and adaptive authentication for both consumer-facing access and internal platform operations. * Assess API security, token management, and secure system integrations used for CIAM, including third-party integrations. * Review user lifecycle automation processes, including provisioning, deprovisioning, and account synchronization. * Assess controls surrounding user profile information. * Analyze self-service and account recovery features for both security and usability. * Validate logging, monitoring, and SIEM integration for identity-related events. CIAM Governance Assessment: * Assess and validate adherence to CIAM governance frameworks, including defined roles, responsibilities, and accountability structures. * Validate the effectiveness of processes designed to ensure compliance with GDPR, CCPA, HIPAA, PCI DSS, and other applicable consumer data protection standards. * Evaluate the effectiveness and compliance of consent and preference management mechanisms in supporting user autonomy and regulatory requirements. * Verify data governance practices to ensure proper data minimization, retention, and classification aligned with regulatory and organizational requirements. * Analyze identity-related risk management processes. * Review change management and configuration control procedures. * Verify that recurring access reviews and related documentation are in place and effectively maintained. * Analyze the effectiveness of metrics, dashboards, and reporting tools in providing actionable insights and ensuring robust CIAM governance oversight. * Assess vendor oversight and review of third-party security certifications (e.g., SOC 2, ISO 27001). Required Skills * 5+ years of experience in identity architecture, access management, cybersecurity, or technology audit with a focus on evaluating the effectiveness of consumer identity and access management (CIAM) governance and controls * Deep understanding of authentication, authorization, and identity lifecycle management * Knowledge of industry guidance related to digital authentication and lifecycle management (e.g. NIST SP 800-63B) * Hands-on experience with assessing CIAM platforms and identity federation protocols (SAML, OIDC, OAuth) * Familiarity with modern authentication technologies such as WebAuthn and Passkeys * Knowledge of regulatory frameworks impacting consumer identity (e.g., GDPR, CCPA, HIPAA, PCI DSS) * Experience in risk assessment, compliance audits, and governance reporting * Strong collaboration and influencing skills across technical and business teams * Excellent written and verbal communication skills tailored to diverse audiences * Strong analytical and problem-solving abilities * Ability to manage multiple priorities in a fast-paced environment * Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Information Assurance, or a related field * Preferred: Professional certifications such as CISSP, CISA, CIAM, or equivalent | |