Specialist – CyberSecurity (IAM & Secrets Management – Business Analyst)

Location

Experience

Type

CyberSecurity Business Analyst – IAM & Secrets Management

Secrets Management

🔐 Key Responsibilities

🔑 IAM & Secrets Management

• Define and enhance secrets management controls across machine-to-machine authentication systems.
• Support IAM operations by maintaining access governance for credentials, keys, and tokens.
• Provide subject matter expertise (SME) on secrets and credential management tools and best practices.
  

📊 Control Monitoring & MI Reporting

• Work with IAM Control Owners to define and track KPIs/KCIs/KRIs.
• Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders.
  

🔄 Risk, Governance & Compliance

• Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001.
• Identify cybersecurity exposure risks and support remediation planning.
• Implement strong governance processes for continuous compliance and risk reduction.
  

🤝 Stakeholder Management

• Collaborate with business units, IT, cybersecurity, and operations teams across global regions.
• Provide support during audits and external reviews.
• Lead cross-functional teams to define IAM standards, policies, and procedures.
  

📈 Continuous Improvement & Documentation

• Recommend improvements for IAM and Secrets Management efficiency, security, and scalability.
• Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents.
  

✅ Required Skills & Experience

• 5–7 years in Cybersecurity, IAM, or Access Governance roles.
• Strong knowledge of IAM controls, credential governance, and secrets management frameworks.
• Hands-on experience in:
• Application Security tools:
• MicroFocus Fortify (SAST/DAST),
• Checkmarx,
• Black Duck/Sonatype IQ,
• Veracode, Synopsys
• Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs).
• Familiarity with project management and governance frameworks.
• Excellent communication and presentation skills.
• Certifications such as CISSP, CISM, or other IAM-related credentials are preferred.
  

📌 Mandatory Skills

• Application Security – MicroFocus Fortify (SCA, SAST, DAST)
• Application Security – Open Source Tools (Black Duck, Sonatype IQ)
• Application Security – Veracode, Synopsys, Checkmarx
• IAM Governance, KPIs/KCIs, Risk Management
• Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)