Governance Risk and Compliance (GRC) Business Analyst needs 5 years professional experience in business analysis, GRC, risk assessments, systems implementation/enhancements, and support of IT systems required.
Governance Risk and Compliance (GRC) Business Analyst requires:
Three years of experience in IAM working with enterprise-scale IGA platforms, PAM solutions and/or Access Management control implementations strongly preferred.
Hybrid
Experience leading cross-functional projects.
Strong knowledge of Agile, Waterfall, and other IT project management methodologies.
Understanding of GRC, information security, IT and business concepts
Ability to provide technical direction and drive innovation amidst uncertainty and ambiguity.
Able to evaluate the impact of business changes on systems.
Strong written and oral communication skills, including the ability to present ideas and suggestions clearly and effectively.
Ability to work with different functional groups and levels of employees to effectively and professionally achieve results.
Strong organizational skills; ability to accomplish multiple tasks within the agreed upon timeframes through effective prioritization of duties and functions in a fast-paced environment.
Governance Risk and Compliance (GRC) Business Analyst duties:
Create and document detailed use cases, workflows, and business rules for the implementation of an enterprise-scale Identity Governance Administration (IGA) solution; Serve as the liaison between technical teams and non-technical business users.
Leverage knowledge and experience with IAM programs and IGA processes including Joiner/Mover/Leaver (JML), access request and approval workflows, access reviews and recertifications and role engineering and role lifecycle management.
Leverage knowledge and experience with risk assessments, findings, and tracking the remediation of open risk items by internal and external parties.
Ensure IAM solutions align with governance, risk, and compliance drivers (e.g., policies, regulatory and legal requirements)
Identify operational inefficiencies, conflicting business practices, and high-level integration issues, suggesting alternative solutions to cross-functional problems.
Partner and support information security project teams, including outside vendors, with timely, regularly scheduled delivery of system configuration requirements, data analysis deliverables, appropriate follow-ups on open risk items and other tasks as assigned.