Senior Security Analyst - Customer Identity & Access Management

D.R. Horton•Arlington, TX

20h•Onsite

About The Position

D.R. Horton, Inc. is currently looking for a Senior Security Analyst. The Senior Security Analyst – Customer Identity & Access Management (CIAM) is a senior-level cybersecurity role responsible for securing, administering, and advancing the organization’s customer-facing identity, authentication, and access platforms. This position serves as a subject matter expert for CIAM technologies supporting external users, applications, and digital services, while also contributing to broader security operations including but not limited to vulnerability management, network security, email security, and privileged access management (PAM). This role requires deep technical expertise in large-scale identity systems, strong operational ownership, and the ability to lead complex security initiatives and investigations independently. The Senior Security Analyst will work closely with application teams, IT Operations, Infrastructure, Network, and Risk teams to ensure secure, scalable, and compliant customer identity solutions and will participate in an established on-call rotation.

Requirements

7+ years of experience in Information Technology and Cybersecurity, with a significant focus on Identity and Access Management.
College degree in Information Technology, Computer Science, Cybersecurity, or a related field, OR equivalent technical training and professional experience supporting enterprise IT environments.
Demonstrated enterprise experience with:
Ping Identity
Microsoft Active Directory
Quest Active Roles
Microsoft Entra ID (Azure AD)
Enterprise Multi-Factor Authentication (MFA) solutions
Strong experience with Privileged Access Management (PAM) concepts and controls.
Solid working knowledge of vulnerability management, network security, and email security.
Deep understanding of authentication and identity protocols, including LDAP, Kerberos, SAML, OAuth, and OpenID Connect.
Proven ability to troubleshoot complex security issues and lead investigations end-to-end.
Strong written and verbal communication skills.

Nice To Haves

Industry certifications such as CISSP, CISM, Microsoft security certifications, or other relevant cybersecurity certifications are a plus.
Ping Identity certifications (CIAM-focused) highly desirable and considered optimal.
Experience supporting external authentication platforms at scale with high availability and security requirements.
Experience in large-scale, hybrid cloud and on-premises enterprise environments.

Responsibilities

Design, implement, manage, and secure Customer Identity and Access Management (CIAM) solutions supporting external users, customers, and digital applications.
Administer and support Ping Identity platforms, including customer authentication services, federation, SSO, OAuth/OIDC flows, and secure access integrations.
Ping Directory – on premise
Ping Federate – on premise
Ping One MFA – cloud based
Design, deploy, and support enterprise Multi-Factor Authentication (MFA) solutions for customer-facing applications and services.
Secure the customer identity lifecycle, including registration, authentication, authorization, account recovery, and de-provisioning.
Investigate, respond to, and remediate customer identity-related security incidents, fraud activities, authentication abuse, and anomalous access behavior.
Provide security-focused administration and support for Microsoft Active Directory as part of the organization’s overall identity and access strategy.
Manage and secure Active Directory objects, authentication mechanisms, service accounts, group-based access, and privileged identities.
Support directory services security, including account lifecycle management, access reviews, privilege enforcement, and authentication troubleshooting.
Partner with Infrastructure and Operations teams on Active Directory hardening, access control standards, and identity security best practices.
Participate in investigations involving directory services, including credential compromise, privilege misuse, and identity-driven attack activity.
Administer and oversee privileged access controls across CIAM platforms, Active Directory, service accounts, and administrative roles.
Enforce least-privilege access and role-based access controls for enterprise identity systems.
Monitor privileged activity, logging, and alerting, and support forensic analysis and incident response.
Provide access control reporting and audit evidence when required.
Support enterprise vulnerability management activities across identity platforms, directory services, authentication infrastructure, and supporting systems.
Analyze vulnerabilities impacting identity and access controls and coordinate remediation with Application, Infrastructure, and Security teams.
Support identity-related network security integrations, including authentication dependencies for VPNs, secure access, and protected service endpoints.
Assist with investigations related to credential abuse, phishing, account compromise, and identity-driven network or email threats.
Collaborate with Network and Messaging teams to strengthen identity-based access controls and security protections.
Serve as a senior escalation point for complex CIAM, Active Directory, and authentication-related security issues.
Lead security initiatives related to CIAM, directory services, and access management platforms.
Mentor and provide technical guidance to Security Analysts and Security Administrators.
Develop and maintain technical standards, documentation, and operational procedures.
Participate in a 1-week on-call rotation to support security operations.