Cybersecurity Senior Analyst – Identity Governance & Administration (IGA)

About The Position

Requirements

• Bachelor’s degree or an equivalent combination of education and work experience
• Two or more years of experience working within an enterprise Information/Cyber Security setting, or equivalent experience
• Knowledge in information systems and ability to apply that knowledge in practice
• Experience participating in IT projects

Nice To Haves

• Certifications: CIAM, CISM, CISSP, Security+, Azure/AWS identity certs, or vendor‑specific IGA certifications.
• Background in enterprise directory services (Azure AD/Entra ID, AD DS).
• Experience with large-scale enterprise application portfolios.
• Excellent analytical and problem-solving skills
• Strong documentation and communication abilities
• Attention to detail and security risk awareness
• Ability to lead complex onboarding and troubleshooting scenarios
• Collaborative mindset with strong stakeholder management skills

Responsibilities

• Application Onboarding & Integration Lead the end‑to‑end onboarding of applications into the enterprise IGA platform (e.g., SailPoint, Saviynt, Omada).
• Conduct intake assessments to determine integration requirements such as access models, connectors, roles, and entitlements.
• Collaborate with application owners to define access workflows, provisioning methods (API, SCIM, JDBC, AD groups, etc.), and approval paths.
• Develop and maintain integration documentation and technical specifications.
• Federation & MFA Enablement Work with IAM engineering teams to establish federation using SAML, OAuth, OIDC, or WS‑Fed.
• Ensure the correct MFA policies are applied based on application sensitivity, user type, and organizational standards.
• Validate that authentication flows follow Zero Trust principles and align with enterprise identity architecture.
• Troubleshoot authentication, token, and SSO issues during onboarding or post-deployment.
• Separation of Duties (SoD) & Policy Enforcement Implement and enforce SoD controls by aligning application entitlements to governance policies.
• Conduct detailed SoD risk analysis for new applications to identify conflicts and propose remediation.
• Collaborate with internal audit and compliance to maintain SoD rule sets and support audit findings.
• Ensure access roles and entitlements are structured to prevent toxic combinations of privileges.
• Identity Lifecycle & Governance Support Design access models such as role-based access control (RBAC), attribute-based access control (ABAC), and birthright provisioning.
• Support recertification campaigns by ensuring application entitlements are properly defined and mapped in the IGA platform.
• Assist in maintaining identity data quality, entitlement hygiene, and governance standards.
• Monitor the health, performance, and accuracy of application connectors.
• Security, Compliance & Risk Management Ensure onboarded applications meet enterprise security baselines, MFA requirements, and identity governance policies.
• Support compliance initiatives such as SOX, PCI, HIPAA, or internal audit reviews.
• Contribute to risk assessments for new and existing application integrations.
• Document and remediate gaps in access controls, authentication flows, or identity governance processes.
• Collaboration & Leadership Serve as a subject matter expert for application teams, guiding them through onboarding and policy requirements.
• Partner with security architecture, IAM engineering, and IT teams to design secure, scalable access patterns.
• Mentor junior analysts on IGA processes, access modeling, and troubleshooting techniques.
• Communicate complex identity concepts to business stakeholders in clear, non-technical language.

Benefits

• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.