Job Description
Job Capsule
The IAM Analyst role will work with the IAM team, business and application owners eliciting Application Onboarding requirements, testing validation, and performing data analysis to ensure correctness. Research, analyzes, and documents data, requirements, workflow/ processes, functionality and/or controls related to Identity & Access Management. Develops and evaluates information, and prepares recommendations based on analysis for use in decision-making. Applies extensive and diversified knowledge of principles and practices in broad areas of assignments and related fields. Acts as a liaison or subject matter expert to business and technical stakeholders transitioning to new IAM processes.
Job Duties/Roles
• Administer and support IAM platforms and core identity services (e.g., Microsoft Active Directory/Azure AD (Entra ID), SSO, MFA, directory integrations, and ABS Identity Hub).
• Execute identity lifecycle processes (joiner/mover/leaver), including account creation, updates, disablement, and timely deprovisioning based on approved requests according to standards.
• Support privileged access management (PAM) controls (e.g., privileged accounts, just-in-time access, break-glass procedures), including access request workflows and access reviews.
• Gather requirements for onboarding applications for provisioning access and access certifications, meeting appropriate controls.
• Analyze data in sources such as Ivanti ITSM, Active Directory, Entra ID, Oracle, etc. to provide use case input to stakeholders.
• Support business and technical stakeholders in transitioning to new IAM capabilities and services across various IAM domains such as Access Management, Identity Lifecycle Management and Privileged Access Management.
• Maintain continuous and strong security posture across all business and ABS IAM stakeholders via ongoing, proactive reviews of account access and authorization, and designing short- and long-term improvements to ensure violations are remediated.
• Create appropriate business test cases and test scripts and perform testing to ensure completeness.
• Assist stakeholders in understanding IAM capabilities and functions.
Knowledge, Skills and Abilities Required (KSAR)
• Hands-on experience with identity directories and access controls (e.g., Active Directory and/or Entra ID) including users, groups, roles, and policies.
• Working knowledge of authentication and federation concepts (MFA, SSO, SAML 2.0, OAuth 2.0, OpenID Connect, LDAP).
• Understanding of access control fundamentals (least privilege, separation of duties, privileged vs. non-privileged accounts, service accounts).
• Experience using ticketing/workflow tools to manage requests, approvals, and audit trails.
• Experience with identity governance administration (IGA) tools (e.g., Saviynt, SailPoint) including access requests, provisioning integrations, and access certifications.
• Experience with PAM solutions (e.g., Saviynt, BeyondTrust, CyberArk) and privileged access workflows.
• Scripting/automation experience (PowerShell, Python) to automate provisioning tasks and reporting.
• Experience supporting compliance and audit requests (e.g., SOX, ISO 27001/27002, NIST, CMMC) and producing audit-ready evidence.
• Collaborate with other business units to analyze and improve processing procedures and resolve problems.
• Work with peers, business units and/or project teams, and vendors to ensure business needs are fully communicated, documented and satisfied.
• Monitor and analyze key performance indicators and establish processes and methodologies for preventative mitigation.
• Strong written and verbal communication skills, with the ability to explain IAM concepts to both technical and non-technical stakeholders.
• Ensure compliance with ABS standards and best practices.
• Performs other related duties as assigned.
Minimum years of Experience
• 5+ years of experience with operational, governance, or business and technical engagement function within an IAM organization, preferably in a financial services organization.
Required/Preferred Education Requirements
• Bachelor's degree in Computer Science, Information Systems Engineering, Business or other related field, or the equivalent combination of education, training or experience.
Required/Preferred Professional Requirements
None
Country Requirements
ITAR Compliant
Reporting Relationships
Reports directly to IMS Management, as appropriate.
Direct Reports
None
Disclaimer Clause
This job description is not intended, and should not be construed, to be an all-inclusive list of responsibilities, skills, efforts or working conditions associated with the job of the incumbent. It is intended to be an accurate reflection of the principal job elements essential for making a fair decision regarding the pay structure of the job.
Working Conditions
Work is primarily sedentary; exerting up to 10 pounds of force occasionally, and/or, a negligible amount of force frequently, or, constantly to lift, carry, push, pull or otherwise move objects.
