Compliance and IAM (Identity Access Management )Risk Analyst

Job Title: Compliance and IAM Risk Analyst

Description: This role is responsible for analyzing data to identify and mitigate risks related to Identity Access Management (IAM). The role involves developing IT strategies aligned with a high-impact business agenda, collaborating with vendors and senior management to define information needs, and sustaining service levels. The role is key to ensuring that both our own team is compliant with controls like SOX, PCI, etc. but also works regularly with other teams outside of cyber to discover and remediate any IAM-based risk within the company.

Responsibilities:

• Perform Periodic User access reviews
• Analyze data to identify potential IAM risks and vulnerabilities.
• Develop and implement strategies to mitigate identified IAM risks.
• Conduct risk assessments and identify potential compliance issues.
• Monitor and report on IAM risk activities and ensure adherence to regulatory requirements.
• Collaborate with internal and external stakeholders to address IAM risk management concerns.
• Provide guidance and support to the organization on IAM risk-related matters.
• Engage with IT teams, Auditors & Legal as needed.
• Help manage audit activities.
• Establish and maintain relationships with several IT support/business teams.
• Use deep business knowledge and business acumen to drive improvements in IT engagement for this initiative.
• Communicate specific IT decisions relevant to the IT support teams/business.

Qualifications:

• +5 years of experience in Cyber Security. Preferably in Identity access management (IAM).
• Proven experience in compliance and risk management, particularly in the area of Identity Access Management (IAM).
• Experience with compliance regulations like PCI, SOX, etc.
• Strong understanding of IT general control frameworks and regulatory requirements.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong analytical and problem-solving skills.

Appreciated Qualifications:

• Bachelor’s degree in computer science, Information Technology, or a related field.
• Relevant certifications such as CISSP, CISM, CEH or similar.
• Experience with EntraID & Active Directory