Info Security Specialist II chez DMV IT Service LLC

Job Role: Info Security Specialist II
Location: Chicago, IL
Employment Type: Full-time

About Us
DMV IT Service LLC, founded in 2020, is a trusted IT consulting firm specializing in IT infrastructure optimization, cybersecurity, networking, and staffing solutions. We partner with clients to achieve technology goals through expert guidance, workforce support, and innovative solutions. With a client-focused approach, we also provide online training and job placements, ensuring long-term IT success.

Job Purpose
We are seeking an experienced Info Security Specialist II to support Phase 2 of the ECM Change Management Audit Remediation program. This role will lead application deep-dives, coordinate responses across application teams, and own all IAM aspects of project execution within the IAM workstream. The consultant will facilitate and document definitions of privileged access, align with policy and Privileged Account Management (PAM) standards, and drive data collection, analysis, and remediation planning.

Phase 2 of this program focuses on risk-based deep-dive assessments of applications prioritized by business criticality, regulatory impact, data classification, foundational system status, and usage profiles.

Requirements

• Plan, schedule, and facilitate application deep-dive assessment sessions with app and service owners.
• Tailor assessment question sets to hosting model (on-premise/SaaS), access model, and application criticality.
• Drive application response completion (surveys, interviews, workshops) and ensure evidence is stored in approved repositories (CMDB, SharePoint, ServiceNow).
• Define and document privileged access for each application (roles, entitlements, credentials, service accounts, cloud admin roles) in alignment with PAM standards.
• Map entitlements to accounts and controls (vaulting, rotation, JIT, session management, MFA) and identify remediation needs.

Analysis, Risk Scoring & Reporting

• Apply risk-based prioritization using the Phase 2 model and record rationale in CMDB attributes.
• Produce application-level reports documenting current state, control gaps, recommendations, and target dates.
• Deliver portfolio-level rollups for program governance.

Standards Alignment & Operationalization

• Ensure outcomes align with IAM Policy and PAM Standard definitions and controls.
• Raise exceptions only when justified with mitigating controls and an agreed remediation plan.
• Partner with application teams to confirm privileged access scopes for upcoming PAR/PUAR campaigns and certify in-scope accounts.

Tooling & Integrations

• Coordinate with platform owners to onboard/vault credentials and secrets in CyberArk.
• Ensure Okta access patterns and SailPoint IIQ governance reflect agreed entitlements.
• Update CMDB attributes and ServiceNow IRM records to reflect final risk ratings and control states.

Required Qualifications

• Bachelor’s degree in Computer Science or related field, or equivalent experience.
• Minimum 4 years of experience in IAM or security aspects across multiple platforms, operating systems, and networks.
• Strong knowledge of privileged access management and IAM frameworks (CyberArk, SailPoint IIQ, Okta).
• Experience in risk-based analysis, security assessments, and compliance alignment.
• Strong communication and documentation skills to work with technical and business stakeholders.

Preferred Qualifications

• Relevant IAM or security certifications (e.g., CISSP, CISM, CISA, CyberArk Defender, SailPoint).
• Previous help desk or IT operations experience.
• Experience working within regulated industries or audit remediation programs.