Cybersecurity SME[Remote]

Remote · USA Full-time New today

Position Title : Cybersecurity SME Location : Remote (May require Occasional Travel) Interview Mode : MS Teams Video Call Approximate Duration : 6+ Month Contract Visa : USC / GC Senior Cybersecurity SME specializing in next-generation Identity & Access across human employees, AI agents, IoT / OT devices, and applications. You will advise clients, architect solutions, and lead delivery in an MSSP context-designing multi-tenant, automated identity services aligned to Zero Trust, improving security outcomes, and accelerating time to value. You'll partner with sales, solution architects, and operations to shape offerings, win pursuits, and ensure reliable operations at scale. Client Advisory & Architecture (Employees, AI Agents, IoT / OT, Apps) Assess identity maturity and define target architectures spanning workforce, customer, workload, and machine identities under Zero Trust (NIST SP 800 207). Design adaptive access (risk-based, context-aware, passwordless / FIDO2, device trust, continuous authentication) across web, mobile, and legacy apps. Establish identity for AI agents and automations (service principals, scoped tokens, data access guardrails, human-in-the-loop approvals, auditability). Implement workload identity (mTLS, SPIFFE / SPIRE, PKI, certificate lifecycle, secretless auth) for microservices and platforms (Kubernetes, serverless, edge). Engineer IoT / OT device identity (x.509 provisioning, TPM / secure elements, attestation) and integrate with gateways / brokers. Integrate IGA, PAM, CIEM / permissions management, and ITDR to reduce excessive privileges and lateral movement risk. Apply ABAC / ReBAC and policy as code (e.g., OPA) for APIs and event driven architectures. MSSP Solution Design & Delivery Create multi-tenant reference architectures and runbooks for managed identity services (onboarding, steady state, incident management, offboarding). Integrate identity telemetry with SIEM / SOAR / MDR (e.g., Microsoft Sentinel, Splunk, QRadar) to enable ITDR and automated response. Define SLAs / SLOs, KPIs, and cost models; ensure observability, resiliency, and controlled change for identity services. Lead complex migrations and consolidations (tenant to tenant, hybrid / coexistence, M&A). Operations & Continuous Improvement Establish control health monitoring for identity platforms; drive automation to reduce toil and MTTR. Partner with SOC / MDR to tune detections (impossible travel, consent phishing, anomalous token use) and reduce false positives. Lead blameless post incidents; convert findings into hardened patterns and playbooks. Governance, Risk & Compliance Operationalize Join Move Leave and access reviews at scale; integrate with HRIS and ITSM. Map controls to NIST 800 63 / 207, NIST CSF 2.0, ISO 27001, SOC 2, PCI DSS, HIPAA (as applicable). Prove compliance via evidence automation and continuous control validation. Pre Sales, Workshops & Proposals Lead discovery, demos, and architecture workshops; craft SOWs / LOEs and respond to RFP / RFIs for managed identity services. Present to executive and technical stakeholders; quantify risk reduction and ROI. Contribute reusable assets (patterns, reference architectures, calculators) to speed pursuits. 10+ years in cybersecurity with 7+ years in Identity & Access; 5+ years in consulting / MSSP client facing roles. Deep knowledge of SAML, OAuth 2.0, OpenID Connect, SCIM, FIDO2 / WebAuthn, and certificate-based auth. Hands on with major platforms : Microsoft Entra ID (Azure AD), Okta, Ping, ForgeRock; IGA (SailPoint, Saviynt); PAM (CyberArk, BeyondTrust). Cloud & workload identity across Azure, AWS, GCP (federation, workload identity; secrets management-Vault / Key Vault / Secrets Manager). Experience implementing CIEM / permissions management (e.g., Entra Permissions Management / CloudKnox, Veza, Sonrai) and ITDR. Knowledge of API / microservices authorization (OPA, service mesh mTLS, SPIFFE / SPIRE), plus Kubernetes RBAC / Gatekeeper / Kyverno. Proven integration of identity with SIEM / SOAR / MDR and automation playbooks. Excellent communication and stakeholder management skills Apply tot his job Apply To this Job

Apply

Cybersecurity SME[Remote]

Related roles

Cybersecurity - Associate Information System Security Officer (ISSO)

GBV Tech & Innovation Consultant, Programme Group, Child Protection Team, Remote - Req 590900

Instructional Design Associate Manager (Remote)

[Remote] Sr. Litigation Claims Analyst

Youth Innovation Consultant, UNICEF – Generation Unlimited, NYHQ, remote. Req# 588512

Director, Customer Service and Operations

Integration Engineer United States

Solution Architect (Remote, Eastern or Central Time Zone)

Intellectual Property Champion (Patent & Trademark Attorney)

Senior Integration Architect (Secret Clearance)

Experienced Technical Customer Service Representative - Water Heaters - Remote Work Opportunity with On-Site Training at blithequark

Experienced Remote Cybersecurity Content Developer and Training Specialist - Creating Engaging Security Awareness Programs for Global Organizations

[Remote/WFM] Remote Spcecial Education Teacher - Teletherapy

Experienced Customer Success Associate – Evening Shift – Remote Opportunity at arenaflex

Experienced Detail-Oriented Data Entry Clerk with Competitive Pay & Flexible Schedule at arenaflex

Eligibility Business Analyst 2359074 | Dallas, TX | Remote

Senior Visual Designer (Remote, US-only)

Java Senior Software Engineer

HR Business Partner - Director (Remote)

Blue cross blue shield Customer Service Representative (Work At Home)