Principal Associate, Authentication and Access Assurance (AAA) at Information Technology Senior Management Forum
McLean, Virginia, USA
Full Time


Start Date

Immediate

Expiry Date

27 May, 25

Salary

145500.0

Posted On

27 Feb, 25

Experience

1 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

CISA, Federated Identity Management, CCSP, Risk Assessment, IT, Authentication Protocols, GED, Information Technology, Critical Thinking, OAuth, Multi-Factor Authentication, Adherence, Communication Skills, Connect, NIST, Analytical Skills, Access Control, RBAC

Industry

Financial Services

Description

Posted Date
2/26/2025
Principal Associate, Authentication and Access Assurance (AAA)
The Authentication and Access Assurance (AAA) team is responsible for conducting cybersecurity risk assessments that evaluate authentication and access management practices across the organization. Our team ensures compliance with the FFIEC Authentication & Access Guidance and identifies key risks that impact the security and resilience of financial services.
As a Principal Associate, Cyber Risk Assessor, you will play a critical role in assessing authentication risks, identifying control gaps, and providing actionable recommendations. You will engage with stakeholders across cybersecurity, IT, and business functions to drive risk-based decision-making and improve authentication and access security.
This is an opportunity to work in a highly adaptable and evolving team, directly contributing to the organization’s cybersecurity posture. We seek an individual who is technically proficient, business-savvy, and an effective communicator, with a passion for authentication and identity security.

EXPERIENCE:

  • Experience in cybersecurity risk assessment, cybersecurity audit, or IAM security, with a focus on authentication risks and access management.
  • Familiarity with the FFIEC Authentication & Access Guidance and experience assessing compliance against it.
  • Strong understanding of authentication technologies, including multi-factor authentication (MFA), passwordless authentication, biometric authentication, and risk-based authentication.
  • Working knowledge of IAM security principles, such as identity governance, privileged access management (PAM), role-based access control (RBAC), and just-in-time access.
  • Experience working with stakeholders across business, IT, and security teams, with an ability to effectively communicate and influence security decisions.
  • Ability to manage multiple assessments simultaneously, maintain adherence to deadlines, and escalate issues when needed.
  • Strong critical thinking and analytical skills, with the ability to assess control effectiveness and make well-reasoned risk judgments.
  • Excellent written and verbal communication skills, including the ability to translate technical risk assessments into business-relevant insights.

BASIC QUALIFICATIONS

  • High School Diploma, GED or equivalent certification
  • At least 3 years of experience working in cybersecurity or information technology
  • At least 1 year of experience in cybersecurity risk assessments or cybersecurity audit

PREFERRED QUALIFICATIONS:

  • 2+ years of experience with risk frameworks NIST CSF, NIST 800-63, ISO 27001, or PCI DSS
  • 1+ year of experience in federated identity management, single sign-on (SSO) solutions, and modern authentication protocols (OAuth, SAML, OpenID Connect)
  • 1+ year of experience working in financial services cybersecurity or a highly regulated environment
  • One or more professional certifications CISSP, CISA, CRISC, or CCSP

Responsibilities

Please refer to the job description for details.
