Stafford Gray LLC

Business Analyst – Identity and Access Management, IAM

Stafford Gray LLC

contract

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Manual Apply

Job Level

Mid-LevelSenior

Tech Stack

AzureCyber SecurityPythonSQL

About the role

  • The IAM Business Analyst serves as the critical link between business objectives and technical solutions within the Identity and Access Management domain. This role is responsible for gathering, analyzing, and documenting business requirements to design and implement IAM solutions that enhance security, streamline operations, and ensure compliance. The ideal candidate will possess a strong blend of business analysis skills, a solid understanding of IAM principles, and the ability to communicate effectively with both technical and non-technical stakeholders.
  • Requirements Gathering: Lead discovery sessions and workshops with business stakeholders to elicit, analyze, and document functional and non-functional requirements for new or enhanced IAM capabilities.
  • Process Analysis & Design: Evaluate current-state ("As-Is") IAM processes and workflows, identify opportunities for improvement, and design future-state ("To-Be") solutions that are efficient and secure.
  • Solution Documentation: Create comprehensive documentation, including business requirements documents (BRD), use cases, process flows (e.g., using BPMN or Visio), and user stories for agile development teams.
  • Stakeholder Management: Act as a liaison between business units, IT teams, and security professionals to ensure alignment on IAM strategies and project goals.
  • System Implementation Support: Support the full project lifecycle, from initial design and development to user acceptance testing (UAT), training, and post-implementation support.
  • Compliance & Risk: Collaborate with compliance and audit teams to ensure IAM solutions adhere to regulatory requirements (e.g., GDPR, HIPAA) and internal security policies.
  • Change Management: Assist in the development of communication and training plans to facilitate the adoption of new IAM processes and tools.

Requirements

  • Bachelor's degree in Information Technology, Computer Science, Business Administration, or a related field.
  • 3-5 years of experience as a business analyst, with at least 2 years in an Identity and Access Management or cybersecurity environment.
  • Proven experience in requirements elicitation, documentation, and management.
  • Strong understanding of core IAM concepts, including identity lifecycle management, authentication, authorization, and privileged access management (PAM).
  • Familiarity with industry-standard IAM tools such as Active Directory, Azure AD, Okta, or SailPoint.
  • Excellent communication, interpersonal, and presentation skills, with the ability to convey complex technical concepts to a wide audience.
  • Demonstrated analytical and problem-solving abilities.
  • Preferred Qualifications:
  • Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or industry-specific certifications related to IAM.
  • Experience working in an agile development environment (e.g., Scrum, Kanban).
  • Knowledge of scripting languages (e.g., Python, PowerShell) or SQL for data analysis.
  • Experience with risk assessment and mitigation strategies within an enterprise IT environment.