Identity and Access Management (IAM) Specialist

Who We Are: Galaxy is a global leader in digital assets and data center infrastructure, delivering solutions that accelerate progress in finance and artificial intelligence. We believe that blockchain and digital asset innovation will transform how value moves through the world – and we’re building the products and services to make that future a reality. Our institutional digital assets platform spans trading, investment banking, asset management, staking, self-custody, and tokenization technology. We also invest in and operate cutting-edge data center infrastructure to power AI and high-performance computing, addressing the growing demand for scalable energy and compute in the U.S. We work at the intersection of finance and technology, helping institutions, startups, and developers navigate a digitally native economy. Led by CEO and Founder Michael Novogratz, our team blends deep crypto expertise with institutional experience and a shared commitment to shaping the future of Web3 and AI. Galaxy is headquartered in New York City, with offices across North America, Europe, the Middle East, and Asia. To learn more about our businesses and products, visit www.galaxy.com. What We Value: We are a diverse team of free thinkers, and fast movers united to help investors and creators energize the global economy. We are looking for individuals who thrive in a culture of builders and overachievers and embrace high performance, transparent feedback, and a mission-first approach. Our culture shapes our way of working and gets us where we want to be. • Seek Excellence. • Be Selective To Be Effective. • Be Highly Aligned, Loosely Coupled. • Disagree Transparently. • Encourage Independent Decision-Making. • Build Dream Teams. Who You Are: We are seeking a highly skilled and detail-oriented Identity and Access Management (IAM) Specialist to join our Security Operations team. The IAM Specialist will be responsible for implementing, managing, and improving our identity governance and access controls across the enterprise. This role plays a critical part in ensuring secure and efficient access to systems, applications, and data for employees, contractors, and external partners. What You’ll Do: • IAM Governance & Strategy • Develop, implement, and maintain IAM policies, standards, and procedures. • Ensure compliance with regulatory requirements (e.g., SOX, GDPR, HIPAA) and internal security policies. • Partner with risk and compliance teams on audits and remediation activities. • Access Management • Oversee access provisioning, de-provisioning, and modification processes for user accounts across systems and applications. • Manage access request workflows, approval processes, and identity lifecycle events. • Monitor and optimize Role-Based Access Control (RBAC) and least privilege principles. • Authentication & Authorization • Support multi-factor authentication (MFA), single sign-on (SSO), and federated identity management. • Ensure proper configuration and enforcement of authentication policies. • Integrate identity solutions with enterprise directories, cloud environments, and SaaS applications. • Tooling & Automation • Maintain and enhance IAM toolsets (e.g., SailPoint, Okta, CyberArk, Azure AD). • Develop automation scripts for identity workflows and access reviews using APIs, PowerShell, or Python. • Conduct periodic access certifications and recertification campaigns. • Monitoring & Incident Response • Collaborate with Security Operations Center (SOC) to identify and respond to IAM-related incidents. • Investigate anomalies in account activity or access patterns. • Participate in root cause analysis and incident postmortems related to IAM issues. What We’re Looking For: • Bachelor’s degree in Information Security, Computer Science, or a related field. • 3+ years of experience in IAM, cybersecurity, or IT security operations. • Solid understanding of IAM concepts, identity federation, and directory services. • Experience with IAM technologies such as Okta, Azure AD, SailPoint, Ping, or CyberArk. • Familiarity with protocols such as SAML, OAuth, OIDC, and LDAP. • Proficiency in scripting languages (PowerShell, Python, Bash) for automation. • Knowledge of regulatory compliance frameworks (e.g., NIST, ISO 27001, SOX). • Strong problem-solving skills and attention to detail. • Excellent written and verbal communication skills. Preferred Certifications: • Certified Identity and Access Manager (CIAM) • Certified Information Systems Security Professional (CISSP) • Microsoft Certified: Identity and Access Administrator • CompTIA Security+ What We Offer: • Competitive base salary and discretionary bonus • Flexible Time Off (i.e. unlimited paid vacation days) • Company paid Holidays (11) • Company paid sick leave • Company-paid health and protective benefits for employees, partners, and other dependents • 3% 401(k) company contribution • Generous paid Parental Leave • Free virtual coaching and counseling sessions through Headspace • Opportunities to learn about the Crypto industry • Free daily snacks in-office • Smart, entrepreneurial, and fun colleagues • Employee Resource Groups Apply now and join us on our mission to engineer a new economic paradigm. Galaxy respects diversity and seeks to provide equal employment opportunities to all employees and job applicants for employment without regard to actual or perceived age, race, color, creed, religion, sex or gender (including pregnancy, childbirth, lactation and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, marital or partnership or caregiver status, ancestry, national origin, citizenship status, disability, military or veteran status, protected medical condition as defined by applicable state or local law, genetic information or predisposing genetic characteristic, or other characteristic protected by applicable federal, state, or local laws and ordinances. We will endeavor to make a reasonable accommodation to the known limitations of a qualified applicant with a disability unless the accommodation would impose an undue hardship on the operation of our business. If you believe you require such assistance to complete the application process or to participate in an interview, please contact [email protected]. Apply tot his job