The IAM Operations Analyst will be responsible for the day-to-day execution of identity and access management changes, processes and ensuring compliance with security policies and regulatory requirements. This role supports the Senior IAM Manager by managing operational tasks, monitoring and improving identity risks, and producing actionable insights to improve our identity security posture.

Key Responsibilities :

IAM/PAM Operations & Governance :

- Execute day-to-day IAM & PAM (CyberArk) operations, including user provisioning, de-provisioning, and access reviews.

- Ensure compliance with internal security policies and external regulatory frameworks (e.g., SOX, ISO, SOC2, PCI, NIST).

- Maintain accurate IAM documentation, including process flows, technical guides, and governance policies.

- Drive change and reduce risk through

Risk Management & Compliance :

- Identify and remediate IAM-related risks, including Segregation of Duties (SoD) conflicts.

- Support audits and regulatory assessments by providing evidence and reports.

- Develop and maintain IAM-related policies aligned with frameworks such as Zero Trust and SaaS Security.

Stakeholder Engagement :

- Act as a liaison between business units and technical teams to ensure IAM requirements are understood and implemented

effectively.

- Provide guidance and training to business teams on IAM best practices.

- Give advice to business users on RBAC models.

Incident Response & Continuous Improvement :

- Assist in responding to security incidents involving identity or access.

- Monitor emerging threats and recommend enhancements to IAM controls.

- Contribute to IAM roadmap initiatives, including automation and integration projects.

Skills & Competencies :

- Strong understanding of IAM concepts, including RBAC, PAM, MFA, and Zero Trust.

- Familiarity with IAM tools such as SailPoint IdentityIQ, CyberArk, Azure AD, and MFA solutions.

- Knowledge of security and compliance frameworks (NIST, ISO 27001, SOC2, PCI DSS).

- Excellent communication skills with the ability to explain technical concepts to non-technical stakeholders.

- Strong problem-solving skills and ability to work under pressure in a fast-paced environment.

Personal Specification :

Skills & Abilities :

- Knowledge of general industry IAM concepts and best practices

- Knowledge of security and compliance frameworks such as NIST/FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, Data Security Foundations, etc.

- Experience managing numerous, competing demands from internal and external stakeholders while maintaining excellent and on time delivery

- Excellent written and oral communications skills. The ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff and management

- The ability to prioritise work and deliver results in a pressurised environment, through tactical and strategic planning

- A demonstrated ability to develop strong relationships across businesses

- Confident and assured at interacting and communicating effectively with a range of stakeholders

- Self-motivation, with an ability to work with high degree of autonomy and to be results-driven with a flexible approach to working

- Strong understanding of IT security principles, standards, and best practices particularly relating to Identity & Access Management and Privileged Access Management

- Strong problem-solving skills to troubleshoot, be able to understand technically assigned tasks and follow documented procedures

- Ability to function under pressure in an independent environment demonstrating high-energy, detail-oriented proactiveness

Knowledge & Experience :

- At least three years work experience within the Identity and Access Management area

- Experience in technical, business, and/or IT roles with focus on Identity and Access Management

- Knowledge of general industry IAM concepts and best practices

- Knowledge of security and compliance frameworks such as NIST/FedRamp, SOX, SOC, ISO, SOC2, PCI, ZeroTrust, SaaS Security Framework, Data Security Foundations, etc.

- Experience of working and managing vendor IAM tools and PAM tools such as SailPoint IdentityIQ, CyberArk, CA PAM, Imprivata, Azure MFA etc

- Exceptional interpersonal skills and the ability to communicate effectively with both technical and non-technical audiences,

verbally and in writing

- Experience managing numerous, competing demands from internal and external stakeholders while maintaining excellent and on time deliver

- Establish IAM programme KPIs and reporting

- Document IAM processes and procedures

- Engage in the planning, designing, development, and testing of systems or applications, both for software enhancements and new products, which may include cloud-based or internet-related tools.

- Identify opportunities to minimise technology expenses and complexity, seeking ways to optimise resources

- Confidence working within agile methodologies

- Ability to handle sensitive situations with discretion and employ high ethical standards.

- Advanced understanding of sensitive data types, their handling requirements and how to respond to their exposure