Business Analyst - Cybersecurity and Identity & Access Management

About the Role:

As a Business Analyst specializing in IAM/IGA, you will be the crucial link between business operations and technical cybersecurity solutions. You will work closely with stakeholders across various retail lines of business, including e-commerce, brick-and-mortar, supply chain, and corporate functions, to understand their unique identity and access requirements. Your expertise will drive the analysis, design, and implementation of robust IAM/IGA strategies and solutions, ensuring secure and seamless operations while adhering to regulatory compliance and industry best practices.

This position offers an exciting opportunity to contribute to high-impact cybersecurity projects within a dynamic retail environment, directly influencing the protection of customer data, intellectual property, and critical business assets.

Key Responsibilities:

1) Requirements Elicitation & Analysis: Collaborate with business stakeholders across multiple retail lines of business to identify, gather, and document detailed functional and non-functional requirements for IAM and IGA initiatives.

2) Process Optimization & Design: Analyze existing identity and access management processes and workflows, identifying inefficiencies and areas for improvement. Design optimized, secure, and scalable processes for user provisioning, de-provisioning, access requests, access reviews/certifications, and privileged access management (PAM).

3) Solution Definition & Support: Translate complex business requirements into clear, concise technical specifications and user stories for IAM/IGA solutions. Work closely with technical teams (architects, developers, security engineers) during the design, development, testing, and deployment phases to ensure solutions meet business needs and security standards.

4) Stakeholder Management & Communication: Serve as the primary liaison between business units, IT, and cybersecurity teams. Facilitate workshops, conduct presentations, and provide regular updates to ensure alignment and manage expectations across all levels of the organization.

5) Compliance & Governance: Support the definition and enforcement of identity and access policies, ensuring adherence to internal security policies, regulatory requirements, and industry best practices. Assist in preparing for and responding to internal and external audits related to access controls.

6) Documentation & Training: Create comprehensive documentation, including business requirements documents (BRDs), functional specifications, process flows, use cases, and training materials. Provide training and support to end-users and administrators on new IAM/IGA processes and tools

Qualifications:

1) Bachelor's degree in Information Technology, Computer Science, Business Administration, Cybersecurity, or a related field.

2) Proven experience (typically 3+ years) as a Business Analyst, with a significant focus on cybersecurity projects

3) Demonstrable experience working on Identity and Access Management (IAM) and Identity Governance and Administration (IGA) initiatives

4) Understanding of core IAM concepts, including authentication, authorization, provisioning, de-provisioning, role-based access control (RBAC), and privileged access management (PAM)

5) Familiarity with IGA tools and platforms (e.g., SailPoint, Saviynt, Microsoft Entra ID Governance, Okta, ForgeRock) is highly desirable.

6) Experience working within the retail sector or with multiple lines of business, understanding their unique operational and security challenges.

Skills:

Excellent analytical and problem-solving skills, with the ability to translate complex business problems into actionable requirements.

Strong communication (written and verbal) and interpersonal skills, capable of engaging effectively with technical teams and non-technical business stakeholders at all levels.

Proficiency in requirements elicitation techniques (interviews, workshops, surveys).

Ability to work independently and collaboratively in a fast-paced, agile environment.

Certifications such as CBAP, CCBA, CISSP, CISM, or similar are a plus.