Senior IAM GRC Analyst L2 - Tieto Tech Consulting (m/f/d)
- Full-time
- Remote Type: Hybrid
- Job Area: Technical and Functional Expertise
- Business Unit: Tech Consulting
Job Description
Role Summary
The Senior IAM Governance, Risk & Compliance (GRC) Analyst is responsible for supporting and strengthening Identity and Access Management governance programs across the enterprise. The role focuses on access governance, compliance management, audit support, access certification, risk management, control implementation, and continuous improvement of IAM processes. The analyst will work closely with application owners, business stakeholders, security teams, compliance teams, and auditors to ensure secure, compliant, and efficient access management practices aligned with organizational policies and regulatory requirements.
Key Responsibilities
IAM Governance & Compliance
- Support implementation and maintenance of IAM governance controls across enterprise applications and technology platforms.
- Assist in developing and maintaining IAM policies, standards, procedures, and control frameworks.
- Monitor IAM control effectiveness and compliance with organizational security requirements.
- Support governance initiatives related to identity lifecycle management, access management, and compliance activities.
- Contribute to IAM strategy, governance roadmaps, and process improvement initiatives.
Access Governance & Certification
- Coordinate and support periodic user access reviews and access certification campaigns.
- Review and validate user access, entitlements, and role assignments.
- Support role governance, entitlement management, and Segregation of Duties (SoD) review activities.
- Identify inappropriate access, policy violations, and access control risks.
- Assist with remediation tracking and closure of governance findings.
Audit, Risk & Compliance Management
- Support internal and external audit activities by gathering evidence and responding to audit requests.
- Maintain audit documentation and compliance records.
- Track audit observations, findings, and remediation plans.
- Conduct control assessments and identify governance gaps.
- Assist in risk assessments related to identity and access management processes.
- Support compliance initiatives aligned with regulatory and industry frameworks.
Application Onboarding & Governance
- Support governance activities associated with onboarding new applications into IAM solutions.
- Review access models, role structures, and governance controls for new applications.
- Collaborate with application owners to ensure governance requirements are met.
- Support integration of governance controls into application onboarding processes.
Governance Reporting & Documentation
- Develop and maintain governance procedures, SOPs, workflows, and control documentation.
- Prepare governance metrics, compliance reports, dashboards, and management reports.
- Maintain audit evidence repositories and governance records.
- Document process improvements and control enhancements.
- Support governance reporting for leadership and compliance stakeholders.
Stakeholder Collaboration
- Partner with business stakeholders, security teams, technology teams, compliance teams, and auditors.
- Provide guidance on IAM governance requirements and access governance best practices.
- Participate in governance meetings, compliance reviews, and risk discussions.
- Support remediation activities and continuous improvement initiatives.
Continuous Improvement
- Identify opportunities to improve governance processes and control effectiveness.
- Recommend automation and optimization opportunities for access governance processes.
- Support implementation of governance best practices across IAM operations.
- Contribute to maturity improvement initiatives within IAM governance programs.
Required Technical Skills
Identity Governance & Administration
- Strong understanding of IAM governance, access governance, and identity lifecycle management.
- Experience supporting access certification and entitlement review programs.
- Knowledge of role-based access control (RBAC), entitlement management, and Segregation of Duties (SoD).
- Understanding of identity governance and compliance processes.
Governance, Risk & Compliance
- Experience supporting compliance initiatives, audit readiness, and control monitoring.
- Knowledge of risk assessment methodologies and remediation processes.
- Experience documenting controls, procedures, and governance requirements.
- Familiarity with compliance reporting and evidence collection.
IAM Technologies
- Microsoft Entra ID (Azure AD)
- Okta
- SailPoint
- CyberArk
- SAP GRC
- Saviynt (Preferred)
- Oracle Identity Governance (Preferred)
Access Governance
- User Access Reviews
- Access Certification Campaigns
- Entitlement Management
- Role Management
- Segregation of Duties (SoD)
- Compliance Monitoring
ITSM & Process Management
- ServiceNow or equivalent ITSM platform
- ITIL framework knowledge
- Incident, Change, and Request Management processes
Documentation & Reporting
- Process Documentation
- Governance Reporting
- Audit Evidence Management
- Dashboard & Metrics Preparation
Preferred Qualifications
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Engineering, or related discipline.
- 4–8 years of experience in IAM Governance, Access Governance, Compliance Management, Information Security, or related fields.
- Experience supporting enterprise IAM governance initiatives across cloud and on-premises environments.
- Experience collaborating with auditors, compliance teams, and control owners.
- Familiarity with SOX, ISO 27001, NIST, PCI-DSS, GDPR, or similar regulatory frameworks.
Preferred Certifications
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Certified Identity and Access Manager (CIAM)
- Microsoft Identity & Access Administrator (SC-300)
- Okta Certified Professional
- SailPoint Identity Security Certification
- ITIL Foundation
Additional Information
At Tieto, we believe in the power of diversity, equity, and inclusion. We encourage applicants of all backgrounds, genders (m/f/d), and walks of life to join our team, as we believe that this fosters an inspiring workplace and fuels innovation. Our commitment to openness, trust, and diversity is at the heart of our mission to create digital futures that benefit businesses, societies, and humanity.
By clicking the link above or any third-party link within this posting, you are leaving this site and going to a third-party website where the third-party website's terms and privacy policy apply