Full job description Role: Cyber SecurityBusiness Analyst
Client: Investment Bank
Location: London, 4 days in office
Contract duration: 6 months rolling
Rate: £650 (inside IR35)
Responsibilities:
*Elicit, analyse, and document business and technical requirements for IAM and PAM programmes.
*Facilitate workshops with business, security, technology, and risk stakeholders.
*Support the implementation and enhancement of:
*Identity Governance & Administration (IGA)
*Privileged Access Management (PAM)
*Role-Based Access Control (RBAC)
*Single Sign-On (SSO)
*Multi-Factor Authentication (MFA)
*Access Certification and Recertification
*Joiner, Mover, Leaver (JML) processes
*Segregation of Duties (SoD) controls
*Analyse current-state and target-state access management processes.
*Produce high-quality documentation including:
*Business Requirements Documents (BRDs)
*Functional Specifications
*User Stories and Acceptance Criteria
*Process Maps
*Gap Analysis
*Data Flow Diagrams
*Work with technical teams to ensure IAM/PAM solutions meet business and security requirements.
*Support User Acceptance Testing (UAT), defect management, and implementation activities.
*Assist with audit, risk, and compliance reviews related to identity and privileged access controls.
*Contribute to governance frameworks, policies, and operational procedures.
Required Experience
*5+ years’ experience as a Business Analyst within Cyber Security, IAM, or PAM programmes.
*Strong understanding of Identity & Access Management principles and controls.
*Hands-on experience supporting IAM and PAM implementations.
*Experience gathering and documenting requirements for security-focused projects.
*Strong stakeholder management skills, including engagement with senior business and technical leaders.
*Knowledge of access governance, entitlement management, privileged account controls, and identity lifecycle management.
*Experience working within Agile and/or Waterfall delivery environments.
Desirable Technology Experience
Experience with one or more of:
*CyberArk
*BeyondTrust
*Delinea
*SailPoint
*Saviynt
*Microsoft Entra ID
*Okta
*Ping Identity
Desired Knowledge
*Identity Governance & Administration (IGA)
*Privileged Session Management (PSM)
*Privileged Account Governance
*Access Request & Approval Workflows
*Directory Services (Active Directory / Entra ID)
*Zero Trust principles
*ISO 27001, NIST, SOX, FCA, PRA, GDPR
*Cyber Security Risk and Controls