Specialist CyberSecurity IAM And Secrets Management Business Analyst

📍 Location: Pune / Hyderabad

🧠 Experience: 5–7 Years

💼 Type: Permanent

📄 Job Description

We are seeking a skilled CyberSecurity Business Analyst – IAM & Secrets Management to join our dynamic cybersecurity team. This role is responsible for managing and enhancing the Identity & Access Management (IAM) controls with a focus on Secrets Management, access governance, and compliance reporting in a highly regulated environment.

🔐 Key Responsibilities

🔑 IAM & Secrets Management

• Define and enhance secrets management controls across machine-to-machine authentication systems.
• Support IAM operations by maintaining access governance for credentials, keys, and tokens.
• Provide subject matter expertise (SME) on secrets and credential management tools and best practices.
  
  

• Work with IAM Control Owners to define and track KPIs/KCIs/KRIs.
• Maintain dashboards and generate periodic reporting for Cybersecurity leadership and stakeholders.
  
  

• Evaluate IAM controls against regulatory frameworks such as GDPR, SOX, PCI DSS, ISO 27001.
• Identify cybersecurity exposure risks and support remediation planning.
• Implement strong governance processes for continuous compliance and risk reduction.
  
  

• Collaborate with business units, IT, cybersecurity, and operations teams across global regions.
• Provide support during audits and external reviews.
• Lead cross-functional teams to define IAM standards, policies, and procedures.
  
  

• Recommend improvements for IAM and Secrets Management efficiency, security, and scalability.
• Prepare and maintain key project artifacts: project charters, plans, dashboards, reports, and closure documents.
  
  

• 5–7 years in Cybersecurity, IAM, or Access Governance roles.
• Strong knowledge of IAM controls, credential governance, and secrets management frameworks.
• Hands-on experience in:
• Application Security tools:
• MicroFocus Fortify (SAST/DAST),
• Checkmarx,
• Black Duck/Sonatype IQ,
• Veracode, Synopsys
• Strong understanding of risk management and compliance metrics (KPIs, KRIs, KCIs).
• Familiarity with project management and governance frameworks.
• Excellent communication and presentation skills.
• Certifications such as CISSP, CISM, or other IAM-related credentials are preferred.
  

• Application Security – MicroFocus Fortify (SCA, SAST, DAST)
• Application Security – Open Source Tools (Black Duck, Sonatype IQ)
• Application Security – Veracode, Synopsys, Checkmarx
• IAM Governance, KPIs/KCIs, Risk Management
• Regulatory Framework Awareness (SOX, ISO 27001, PCI DSS, GDPR)