Job Summary

The Identity and Access Management Analyst is responsible for ensuring the secure and efficient management of user identities, access privileges, and authentication mechanisms within the company's IT infrastructure. The role requires a solid understanding of Identity and Access Management (IAM) concepts, processes, and technologies. The IAM Analyst is responsible in managing and maintaining the organization’s IAM processes and tools, collaborates with cross-functional teams, including IT security, compliance, and application development, to gather requirements and contribute to the development of IAM strategies that align with industry best practices and regulatory requirements and works closely with stakeholders to define workflows and ensure compliance with established policies and procedures.

Job Responsibilities

• Administers and maintains IAM systems, including identity provisioning, role-based access control (RBAC), and privileged access management (PAM).
• Assists in proper setup of user accounts, roles, and access privileges based on defined policies and procedures.
• Provides supports for user access reviews conducted by GRC and audits to ensure compliance with regulatory requirements, internal policies, and industry standards, and collaborates with stakeholders to remediate any identified access control issues or vulnerabilities.
• Participates in the design and maintenance of IAM processes and workflows, including user provisioning, deprovisioning, and access request management, to streamline operations and ensure efficient and secure access management.
• Collaborates with business units and application owners to gather requirements for access control and user provisioning and translates them into technical specifications for IAM system configuration and customization.
• Monitors IAM systems and tools, proactively identifying and resolving issues related to user authentication, authorization, and access provisioning, and coordinates with IAM engineers for more complex problems.
• Assists in the development and maintenance of IAM documentation, including procedures, guidelines, and training materials, to ensure consistent and standardized IAM practices across the organization.
• Supports user onboarding and offboarding processes, ensuring timely and accurate provisioning and deprovisioning of user accounts and access rights, and works closely with HR and IT teams to ensure smooth transitions.
• Participates in IAM-related projects, such as system upgrades, integration with other applications, or implementation of new IAM technologies, by providing analysis, testing, and documentation support.
• Stays updated on industry trends and best practices related to IAM, and shares knowledge and expertise with the IAM team and other relevant stakeholders, contributing to continuous improvement initiatives and enhancing the overall IAM program within the insurance company.

Job Qualifications

• 0-3 years of experience in Identity and Access Management, Information Security or a related field.
• Bachelor’s degree in Computer Science, Information Technology or a related field and/or commensurate experience.

Licenses and Certifications

• Certified Information Systems Security Professional (Preferred)

Behavioral Competencies

• Collaborates
• Communicates Effectively
• Customer Focus
• Decision Quality
• Nimble Learning

Technical Skills

• Access Governance
• Role-based Access
• Multi-Factor Authentication
• User Provisioning
• Identity Lifecycle
• Access Control
• Identity Federation
• Risk Assessment
• Audit and compliance reporting
• Privileged access management
• Familiarity with IAM tools such as SailPoint, Okta, or Microsoft Entra ID.
• Knowledge of regulatory frameworks (e.g., SOX, GDPR) and security standards (e.g., NIST, ISO 27001).
• Knowledge about scripting or automation for IAM processes (e.g., PowerShell, Python).

This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.