Cyber Security Business Analyst IAM/PAM - Bonhill Partners

Role: Cyber SecurityBusiness Analyst (IAM/PAM)

Client:Investment Bank

Location:London, 4 days in office

Contract duration:6 months rolling

Rate:£650 (inside IR35)

Responsibilities:

1. Elicit, analyse, and document business and technical requirements for IAM and PAM programmes.
2. Facilitate workshops with business, security, technology, and risk stakeholders.
3. Support the implementation and enhancement of:
4. Identity Governance & Administration (IGA)
5. Privileged Access Management (PAM)
6. Role-Based Access Control (RBAC)
7. Single Sign-On (SSO)
8. Multi-Factor Authentication (MFA)
9. Access Certification and Recertification
10. Joiner, Mover, Leaver (JML) processes
11. Segregation of Duties (SoD) controls
12. Analyse current-state and target-state access management processes.
13. Produce high-quality documentation including:
14. Business Requirements Documents (BRDs)
15. Functional Specifications
16. User Stories and Acceptance Criteria
17. Process Maps
18. Gap Analysis
19. Data Flow Diagrams
20. Work with technical teams to ensure IAM/PAM solutions meet business and security requirements.
21. Support User Acceptance Testing (UAT), defect management, and implementation activities.
22. Assist with audit, risk, and compliance reviews related to identity and privileged access controls.
23. Contribute to governance frameworks, policies, and operational procedures.

1. 5+ years' experience as a Business Analyst within Cyber Security, IAM, or PAM programmes.
2. Strong understanding of Identity & Access Management principles and controls.
3. Hands-on experience supporting IAM and PAM implementations.
4. Experience gathering and documenting requirements for security-focused projects.
5. Strong stakeholder management skills, including engagement with senior business and technical leaders.
6. Knowledge of access governance, entitlement management, privileged account controls, and identity lifecycle management.
7. Experience working within Agile and/or Waterfall delivery environments.

Experience with one or more of:

1. CyberArk
2. BeyondTrust
3. Delinea
4. SailPoint
5. Saviynt
6. Microsoft Entra ID
7. Okta
8. Ping Identity

1. Identity Governance & Administration (IGA)
2. Privileged Session Management (PSM)
3. Privileged Account Governance
4. Access Request & Approval Workflows
5. Directory Services (Active Directory / Entra ID)
6. Zero Trust principles
7. ISO 27001, NIST, SOX, FCA, PRA, GDPR
8. Cyber Security Risk and Controls