Job Description
Job Title:
Information Protection Lead Analyst
Employment Type
Full Time
Location
Hyderabad
Interview Mode
Face-to-Face Interview (Only one round of interview)
Job Description
We are looking for an experienced Information Protection Lead Analyst for one of our clients in Hyderabad, who can attend a Face-to-Face interview ,
The Information Protection Lead Analyst supports and leads Identity Governance operations by executing, validating, and overseeing Identity & Access Management (IAM) controls across the enterprise, with a strong focus on risk mitigation and audit readiness. This role is responsible for ensuring accurate, consistent, and risk-aligned execution of the User Access Review (UAR) lifecycle and entitlement governance processes, proactively identifying and remediating access-related risks, and enforcing least privilege principles. In addition to hands-on delivery, the Lead Analyst provides mentorship and quality oversight to junior analysts, ensuring deliverables meet standards for completeness, accuracy, and compliance. Through cross-functional collaboration, this role drives effective control execution in alignment with SOX, SOC1/SOC2, HIPAA, and internal audit requirements, contributing to strengthened control effectiveness and a sustained zero- findings posture
1. Access Review Lifecycle Execution & Risk Mitigation
- Lead the end-to-end execution of Identity Access Reviews (UAR) across in-scope applications, ensuring alignment with enterprise risk management objectives.
- Perform rigorous validation of review inputs and outputs to ensure population completeness, entitlement accuracy, and least privilege enforcement.
- Proactively identify and assess access-related risks, including excessive privileges, toxic combinations, and orphaned accounts.
- Drive timely completion of manager certifications by monitoring SLAs, escalating delays, and mitigating risk of non-compliance.
- Partner with application owners to remediate identified access risks, ensuring corrective actions are tracked, validated, and completed within defined timeframes.
- Produce and maintain audit-ready evidence supporting all phases of the review lifecycle, ensuring traceability and defensibility.
2. Entitlement Governance & Evidence Integrity
- Oversee entitlement inventory management, ensuring data integrity, standardization, and alignment with control requirements.
- Validate entitlement evidence through structured review processes to confirm accuracy, completeness, and appropriate access design.
- Identify gaps in entitlement definitions or ownership that may introduce control weaknesses or audit exposure, and drive remediation.
- Support periodic certification cycles (quarterly/semi-annual) with a focus on reducing risk through improved entitlement clarity and governance.
3. Compliance, Controls & Continuous Risk Reduction
- Ensure IAM controls operate effectively in compliance with SOX, SOC1/SOC2, HIPAA, and internal audit standards, with a focus on preventing control failures.
- Identify, document, and assess control gaps, deficiencies, and emerging risks, and lead development of mitigation strategies.
- Partner with IAM leadership and audit stakeholders to prioritize remediation efforts based on risk severity and regulatory impact.
- Maintain comprehensive, audit-defensible documentation supporting control execution, including process narratives, SOPs, and evidence artifacts.
- Drive a zero-findings posture by enforcing standardized processes, improving control design, and strengthening operational discipline.
4. IAM Tooling, Data Analytics & Risk Insights
- Utilize IAM platforms (e.g., Saviynt) to execute campaigns, analyze access data, and detect anomalies or high-risk access patterns.
- Perform advanced data analysis using Excel (and/or SQL) to validate population completeness, reconcile discrepancies, and identify systemic control issues.
- Develop and implement data-driven controls and quality checks to proactively mitigate risk and improve accuracy of review datasets.
- Support automation and continuous improvement initiatives to reduce manual effort and minimize risk exposure.
5. Cross-Functional Collaboration & Risk Communication
- Act as a key liaison across IAM, application teams, compliance, and audit partners to drive risk-informed decision-making.
- Clearly communicate risk findings, control deficiencies, and remediation requirements to stakeholders at all levels.
- Influence application teams to adopt secure access design and least privilege principles to reduce future risk exposure.
- Lead and contribute to process improvement initiatives that enhance control effectiveness, audit readiness, and operational efficiency.
6. Leadership & Oversight
- Mentor and guide junior analysts in risk identification, control validation, and audit expectations, reinforcing consistency in control execution.
- Provide quality assurance (QA) oversight of team deliverables to ensure accuracy, completeness, and adherence to compliance standards.
- Establish and enforce standardized review practices and validation checkpoints to reduce variability and audit risk across analysts.
- Act as an escalation point for complex risk scenarios, providing expert judgment and direction on remediation strategies.
- Support workload prioritization and execution planning with a focus on risk-based decision making and resource optimization.
Education:
- Bachelors degree and equivalent experience required
Experience:
- 5-8 years of experience
- 13+ years of experience in Identity & Access Management, Information Security, or related technical fields.
Required Skills:
- Advanced Microsoft Excel skills, including pivot tables, complex formulas, largedataset handling, and data validation.
- Strong understanding of IAM concepts: entitlements, leastprivilege, certification workflows.
- Ability to interpret technical access data and communicate it to nontechnical audiences.
- Familiarity with compliance frameworks (SOX, SOC1/SOC2, HIPAA) and audit expectations.
- Experience with IAM tools such as Saviynt (preferred).
Preferred Qualifications
- Exposure to SQL for data validation or reporting.
- Prior experience in Privileged Access Management (PAM) or application access onboarding.
Success Measures
- Accurate, highquality execution of each review cycle with minimal data defects.
- Ontime completion of all UAR and entitlement review tasks.
- High standard of audit readiness, demonstrated by complete, wellorganized evidence packages.
- Maintain a 99.999% audit success rate with zero compliance findings, supporting enterprise audit objectives.
- Positive feedback from IAM leaders, auditors, and application partners on review accuracy and responsiveness.
No Referrers Available
There are currently no referrers available for this job. You can still apply, will let you know once there is any referrer available.