GRC- IDENTITY ACCESS MANAGEMENT ANALYST

Do you want to have an impact every day by making people safe - and bringing them peace of mind? Interested in being part of a dedicated, passionate team which believes that security is a human right? Looking to join a company where innovation and technology are at the heart of its solutions?What we look forHighly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads. An effective communicator, you’ll be a confident team player with a genuine passion to make things happen in a dynamic organization. If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.Job purposeWe have one global role, Identity and Access Management Business Senior Analyst, available in Madrid (Spain), Mälmo (Sweden) or Amsterdam (Netherlands). Reporting to the Process Security Risk Team Lead which is part of the Infosec Department, you will hold a key role in safeguarding an organization’s digital assets and ensuring secure access for authorized users. The ideal candidate will have experience on developing and implementing IAM programs, user access management (role-based access control (RBAC)), and identity and access management principles.Main ResponsibilitiesDevelop and maintain an IAM framework that allow effective monitoring, management and mitigation aligned with business objectives associated to the operations of our organization and our technology.Support to develop security standards, procedures, policies and necessary modifications to existing ones regarding IAM.Review Identity and Access Management process, covering user lifecycle, regular recertification processes, exceptions, and approvals, in line with Verisure policies.Understand the security needs of internal and external stakeholders, regulators, and auditors and support IAM related controls for an increasing number of regulations.Support, perform and control the full audit cycle over IAM controls effectiveness and compliance with all applicable directives and regulations.Engage and interact with key stakeholders and provide strategic level advice on the cybersecurity domains to all of them.Required QualificationsMinimum qualificationsBachelor’s computer Information Systems or related discipline and 3 year of direct experience in information security, with a main emphasis on Information Security & IT risk and compliance.Proven experience working with identity and access management concepts and a pragmatic approach developed through on experience working on IAM programs:o Strong knowledge of identity management standards and technical skills on access control on different technologies (eg. Unix, linux, Windows, Oracle, SQL, RACF, OS400, etc.).o Strong understanding of RBAC principles and experience in developing and implementing RBAC policies.o Defining, creating, and executing of an IAM control framework, not only internally but also for third-party and partners. It is key also have experienced in documenting security procedures, policies, and standards with focus on development of workflows and documentation related to identity and access management.o Performing assessments and conducting compliance and maturity assessments using international standards and best practices from various industries related to IAM.o Ensuring that all risks, vulnerabilities, and non-conformities related with Identity and Access Management are actively managed, monitored, documented, and mitigated if possible.o Defining and tracking KPIs/KRIs and generating reporting adapted for different levels and stakeholders.Work experience in a professional environment preferred, including:o Demonstrated planning and problem-solving skills and ability to analyze complex technical issues.o Thorough understanding of market structures, including relevant regulatory compliance requirements (PCI DSS, SOC 2 , NIST, GDPR, COBIT, ITIL, etc.).o Experience organizing and carrying out risk assessment and compliance projects.o Ability to successfully manage audits (external, internal and third-party ones), compile evidence, and organize audit responses.o Experience with project management and process improvement.o Ability to build professional relationships and collaborate effectively with peers and stakeholders.o Effective verbal and written communication skills and be comfortable presenting to different levels within and outside of the organization and technical and non technical skills.o Fluent written and verbal communication skills in English.o Travel availability.Preferred qualifications / Personal CharacteristicsRelevant security certification like:o ISO/IEC 27001 Lead Auditor e Implementer (Security Information Management) certification;o ISACA – Certified Information Systems Auditor (CISA) certification;o ISACA – Certified in Risk and Information Systems Control (CRISC) certification.Proficient with MS Office, project management, and at least one GRC tool (recommended).Familiarity with IAM tools, such as Sailpoint, CyberArk, etc., and Active Directory.Familiarity with Information systems auditing, monitoring, controlling, and process assessment.Familiar with current home security / smart home technologies, future developments and understanding of business models behind them.