- Hybrid ( Tues,Weds, Thurs in Office ) in Boston, MA office.
- Experience in Identity and access management - identity governance administration ( IGA) systems and processes.
- Experience with governance risk and compliance concepts ( risk assessments, remediation tracking, audit support).
- Looking for a mid-level level BA with 5 years of experience.
The Team
We are seeking a Governance Risk and Compliance (GRC) Business Analyst to assist the Information Security GRC department. The InfoSec GRC team develops and implements GRC policies and manages company-wide Information Security Governance Programs. This Business Analyst will serve as a key member of our project team to build out the Identity and Access Management Program (IAM) and support other GRC Programs to evaluate risk and track remediation of findings and ensure compliance with information security policies. Day-to-day you will engage with internal members of the Information Security and Information Technology teams to understand their needs, document requirements, provide functional and technical expertise in IAM and other InfoSec GRC Programs and ultimately provide SME knowledge to ensure the programs and supporting technologies are implemented and enhanced to support our governance policies. As a GRC Business Analyst, you will partner with cross-functional teams to deliver results by understanding risk and compliance drivers including policies, identifying process inefficiencies and gaps, and solving problems. You will help the leadership team envision and deliver strategic solutions and ensure deliverables align to business objectives.
What You Can Offer Us
• Facilitate requirement sessions to elicit, document, and analyze business requirements and functional specifications, leveraging the information security platforms as required to support small and large projects.
• Translate complex Identity Access Management (IAM) concepts (authentication, provisioning, entitlements, role based access control, certifications) into business-friendly and concise requirements.
• Create and document detailed use cases, workflows, and business rules for the implementation of an enterprise-scale Identity Governance Administration (IGA) solution; Serve as the liaison between technical teams and non-technical business users.
• Leverage knowledge and experience with IAM programs and IGA processes including Joiner/Mover/Leaver (JML), access request and approval workflows, access reviews and recertifications and role engineering and role lifecycle management.
• Leverage knowledge and experience with risk assessments, findings, and tracking the remediation of open risk items by internal and external parties.
• Ensure IAM solutions align with governance, risk, and compliance drivers (e.g., policies, regulatory and legal requirements)
• Identify operational inefficiencies, conflicting business practices, and high-level integration issues, suggesting alternative solutions to cross-functional problems.
• Partner and support information security project teams, including outside vendors, with timely, regularly scheduled delivery of system configuration requirements, data analysis deliverables, appropriate follow-ups on open risk items and other tasks as assigned.
• Ensure business and operational readiness for implementation of security tools, ongoing system enhancements, new products, and process changes; support end-user training.
• Develop and maintain productive business customer relationships; support requirement gathering, configuration/development, and delivery in a collaborative manner.
• Other duties as assigned.
What You Need to Succeed
• Bachelor’s degree or equivalent experience required.
• Minimum 5 years professional experience in business analysis, GRC, risk assessments, systems implementation/enhancements, and support of IT systems required.
• Three years of experience in IAM working with enterprise-scale IGA platforms, PAM solutions and/or Access Management control implementations strongly preferred.
• Experience leading cross-functional projects.
• Strong knowledge of Agile, Waterfall, and other IT project management methodologies.
• Understanding of GRC, information security, IT and business concepts
• Ability to provide technical direction and drive innovation amidst uncertainty and ambiguity.
• Able to evaluate the impact of business changes on systems.
• Strong written and oral communication skills, including the ability to present ideas and suggestions clearly and effectively.
• Ability to work with different functional groups and levels of employees to effectively and professionally achieve results.
• Strong organizational skills; ability to accomplish multiple tasks within the agreed upon timeframes through effective prioritization of duties and functions in a fast-paced environment.
Never miss an opportunity! Create an alert based on the job you applied for.
