Identity and Access Management Analyst

Amalgamated Bank, America’s socially responsible bank, seeks an Identity & Access Management Engineering Analyst to support the Access Management team in Information Technology in organizing and executing activities. 

By joining our team, you’ll be joining a Bank that believes that that maintaining a diverse and inclusive workplace where everyone feels valued and respected is essential for us to grow as a company. We are dedicated to building a more equitable world in our everyday practices by embracing the values of our employees and customers.

Purpose of Position: 

1. Management of day-to-day logical access of users in applications, including deprovisioning of access rights within retired applications. 
2. Ensuring seamless banking operations including, but not limited to user recertifications, on-boarding of new applications and new employees & contractors, as well as off-boarding of terminated employees & contractors. 
3. Configuring approved limits in applications, coordination with vendors including opening service-desk tickets. 
4. Planning and overseeing the implementation of multi-factor authentication security measures and operational mitigations such as recycling & retiring inactive tokens to protect Amalgamated Bank’s computer systems, networks, and data. 
5. Ensuring user access recertification of privileged users in SOX and non-SOX (including GLBA) applications and coordinating user access recertification with business unit managers. 
6. Coordinating with internal and external auditors to ensure that all requests are provided in a timely manner to ensure efficient execution of the audit programs. 
7. Monitoring and reporting KPIs and other metrics and managing tokens.
8. Responsible for reviewing and updating the access management share-point site.
9. Being able to challenge any requests that deviate from agreed upon policies and procedures. 

 

Essential Job Functions:

1. Work with HR, IT, IS and Business to ensure timely logical access entitlements.
2. Complete annual user access recertification requests in a timely manner for SOX and non-SOX (including GLBA) applications.
3. Review and analyze network and application user roles and access entitlement reports and ensure accurate access provisions and document those processes.
4. Perform impact assessments for delayed terminations/transfers and ensure there are no unauthorized transactions in the Bank systems. Implement necessary access changes within the environment based on the received change requests.
5. Responsible for communicating the relevant access procedures and/or processes throughout the organization.
6. Assist with audit queries (internal and external)
7. Plan and coordinate MFA Token management for customers, employees, and contractors.
8. Work closely with vendors, Information Technology, and Information Security manager to implement logical access stemming from new projects and initiatives.
9. Perform other duties as directed.

Knowledge, Skills and Experience Requirements:

1. Bachelor’s degree or equivalent experience
2. Minimum of 3 + years of experience in Application access entitlement management
3. Knowledge of Microsoft suite of products
4. Understanding of logical access user entitlement provisioning and de-provisioning procedures
5. Familiarity with banking applications 
6. Knowledge of Segregation of Duties & role-based access
7. Familiarity of Identity and Access Management tools
8. Awareness of regulatory requirements such as DFS 500, SOX, GLBA, etc. as it pertains to Logical access (Plus but not required)
9. Strong analytical ability
10. Excellent verbal/written communication and interpersonal skills
11. Ability to think like an auditor (trust but verify work being done under supervision)
12. Ability to work in a fast-paced environment.

Our job titles may span more than one career level. The starting base salary for this role is between $70,000.00 – $85,000.00. The actual base pay is dependent upon many factors, such as: training, transferrable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future.

Amalgamated Bank is an Equal Opportunity and Affirmative Action Employer, Minorities / Females / Individuals with Disability / Veterans. AmeriCorps, Peace Corps and other national service alumni are encouraged to apply. View our Pay Transparency Statement. Submission of a resume or any information regarding your qualifications does not constitute a promise or offer of employment. At Amalgamated Bank, we consider an applicant to be someone who has interviewed at least once, in person, with the hiring manager. Amalgamated Bank does not sponsor applicants for work visas.

Hybrid Work Model
Effective February 18, 2025, employees in office-based positions will be working a Hybrid work schedule consisting of three days or more, on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence. This Hybrid work model does not apply to, and daily in-person attendance is required for, the contact center, branch service roles, and general services where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance does not apply to roles that have been designated as “remote”.
Search Firm Representatives- Please Read Carefully 
 Amalgamated Bank does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for the position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Apply