Cybersecurity SME

Cybersecurity SME Remote 6+ months Senior Cybersecurity SME specializing in next-generation Identity & Access across human employees, AI agents, IoT/OT devices, and applications. You will advise clients, architect solutions, and lead delivery in an MSSP context—designing multi-tenant, automated identity services aligned to Zero Trust, improving security outcomes, and accelerating time to value. You’ll partner with sales, solution architects, and operations to shape offerings, win pursuits, and ensure reliable operations at scale. Client Advisory & Architecture (Employees, AI Agents, IoT/OT, Apps) • Assess identity maturity and define target architectures spanning workforce, customer, workload, and machine identities under Zero Trust (NIST SP 800 207). • Design adaptive access (risk-based, context-aware, passwordless/FIDO2, device trust, continuous authentication) across web, mobile, and legacy apps. • Establish identity for AI agents and automations (service principals, scoped tokens, data access guardrails, human-in-the-loop approvals, auditability). • Implement workload identity (mTLS, SPIFFE/SPIRE, PKI, certificate lifecycle, secretless auth) for microservices and platforms (Kubernetes, serverless, edge). • Engineer IoT/OT device identity (x.509 provisioning, TPM/secure elements, attestation) and integrate with gateways/brokers. • Integrate IGA, PAM, CIEM/permissions management, and ITDR to reduce excessive privileges and lateral movement risk. • Apply ABAC/ReBAC and policy as code (e.g., OPA) for APIs and event driven architectures. MSSP Solution Design & Delivery • Create multi-tenant reference architectures and runbooks for managed identity services (onboarding, steady state, incident management, offboarding). • Integrate identity telemetry with SIEM/SOAR/MDR (e.g., Microsoft Sentinel, Splunk, QRadar) to enable ITDR and automated response. • Define SLAs/SLOs, KPIs, and cost models; ensure observability, resiliency, and controlled change for identity services. • Lead complex migrations and consolidations (tenant to tenant, hybrid/coexistence, M&A). Operations & Continuous Improvement • Establish control health monitoring for identity platforms; drive automation to reduce toil and MTTR. • Partner with SOC/MDR to tune detections (impossible travel, consent phishing, anomalous token use) and reduce false positives. • Lead blameless post incidents; convert findings into hardened patterns and playbooks. Governance, Risk & Compliance • Operationalize Join Move Leave and access reviews at scale; integrate with HRIS and ITSM. • Map controls to NIST 800 63/207, NIST CSF 2.0, ISO 27001, SOC 2, PCI DSS, HIPAA (as applicable). • Prove compliance via evidence automation and continuous control validation. Pre Sales, Workshops & Proposals • Lead discovery, demos, and architecture workshops; craft SOWs/LOEs and respond to RFP/RFIs for managed identity services. • Present to executive and technical stakeholders; quantify risk reduction and ROI. • Contribute reusable assets (patterns, reference architectures, calculators) to speed pursuits. 10+ years in cybersecurity with 7+ years in Identity & Access; 5+ years in consulting/MSSP client facing roles. • Deep knowledge of SAML, OAuth 2.0, OpenID Connect, SCIM, FIDO2/WebAuthn, and certificate-based auth. • Hands on with major platforms: Microsoft Entra ID (Azure AD), Okta, Ping, ForgeRock; IGA (SailPoint, Saviynt); PAM (CyberArk, BeyondTrust). • Cloud & workload identity across Azure, AWS, GCP (federation, workload identity; secrets management—Vault/Key Vault/Secrets Manager). • Experience implementing CIEM/permissions management (e.g., Entra Permissions Management/CloudKnox, Veza, Sonrai) and ITDR. • Knowledge of API/microservices authorization (OPA, service mesh mTLS, SPIFFE/SPIRE), plus Kubernetes RBAC/Gatekeeper/Kyverno. • Proven integration of identity with SIEM/SOAR/MDR and automation playbooks. • Excellent communication and stakeholder management skills