Analyst

Summary:

Work Mode: Hybrid - 3 days a week onsite.

Responsibilities:

• Identify and evaluate potential areas of Information Security threat by assessing the probability and impact, and implementing associated mitigations.
• Monitor and contribute to the implementation of the Information Security strategy.
• Evaluate the adequacy and effectiveness of internal controls relating to Information Security risks.
• Ensure appropriate procedures, policies, and processes are in place, and aligned and agreed with relevant stakeholders.
• Develop appropriate, pragmatic strategies to deliver effective controls and Information Security management objectives and implementation across the company.
• Manage client relationships and ensure management focuses on the Information Security agenda.

Requirements:

• Audit experience or implementation experience for Identity and Access concepts.
• Knowledge of Identity & Access Management: Authentication; Access management & control.
• Understanding of IAM concepts: least privilege, SoD, access certifications, and privileged access management.
• Familiarity with control frameworks and regulations (ISO 27001/27002, NIST, SOX, SOC 1/2, GDPR).
• Experience with IAM and PAM technologies (e.g., Active Directory, Azure AD/Entra ID, CyberArk).
• Joiner/Mover/Leaver (JML) automation using IAM tools integrated with HR systems.
• Role-based or policy-based access models enforcing least privilege and approved access paths.
• Experience with SSO and MFA controls.

Preferred Skills:

• Preferred certifications (e.g., CISA, CISSP, CRISC).