IAM Governance Analyst

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field
• Three to seven years of experience in cybersecurity, IT risk management, internal audit, or compliance
• Demonstrated experience analyzing and contextualizing cybersecurity and IT risk data
• Strong understanding of cybersecurity frameworks and regulatory requirements
• Hands on experience with control testing, audits, and GRC platforms
• Strong analytical, documentation, and written communication skills
• Ability to translate technical cybersecurity risks into clear business language
• Working knowledge of IT architecture, systems, cloud platforms, and their security implications
• Ability to manage multiple priorities in a fast paced environment with minimal supervision

Nice To Haves

• CISA certification
• CISSP certification
• CRISC certification
• CISM certification
• Experience with GRC platforms such as Archer or ServiceNow GRC
• Experience with Risk and control frameworks including NIST
• Experience with Cloud and SaaS platforms such as AWS and Azure

Responsibilities

• Support the development and maintenance of IAM minimum requirements, standards, procedures, and guidelines
• Ensure IAM governance practices align with business objectives, risk appetite, and regulatory expectations
• Participate in policy exception management and control waiver processes
• Partner with business lines, risk management, compliance, and internal audit to drive consistent and effective governance
• Maintain IAM risk and control libraries within GRC platforms such as Archer
• Ingest, analyze, and interpret large volumes of cybersecurity and IT risk data from multiple sources such as GRC tools, Sphere, and audit logs
• Transform raw data through ETL processes into actionable insights, dashboards, and scorecards for business and risk stakeholders
• Develop and maintain control effectiveness metrics, key risk indicators, and operational risk reporting
• Identify trends, anomalies, and risk signals using data visualization and analytics tools such as Tableau
• Partner with data engineering teams to ensure accuracy, quality, and availability of security related datasets
• Conduct risk based assessments and control testing for identity and access management processes across the enterprise
• Validate both design and operating effectiveness of technical and administrative security controls
• Develop control testing procedures aligned to NIST and internal control methodologies
• Track control deficiencies, remediation activities, and outcomes
• Communicate control assurance results and risk posture to senior management and key stakeholders
• Act as a liaison for internal audits, external audits, regulatory examinations, and third party assessments
• Coordinate audit responses, evidence collection, and issue tracking
• Support ongoing regulatory and risk management inquiries related to IAM controls

Benefits

• competitive pay
• comprehensive benefits package
• medical coverage
• dental coverage
• vision coverage
• retirement benefits
• maternity leave
• paternity leave
• flexible work arrangements
• education reimbursement
• wellness programs
• paid time off policy exceeds the mandatory paid sick or paid time away requirements of local and state jurisdictions within the United States