Job Description
We are looking for a technical Business Systems Analyst to help mature our Identity and Access Management program. In this role, you will partner closely with IAM Engineers to build a strong, scalable foundation and drive the implementation of security best practices across the organization.
You will act as a bridge between business needs and technical execution, designing logical frameworks that leverage Attribute-Based Access Control (ABAC) and Role-Based Access Control (RBAC) methodologies within Okta. Your goal is to move the organization toward an automated, "least privilege" environment that is both secure and efficient.
Core Responsibilities
IAM Strategy & Best Practices (RBAC/ABAC)
- Access Model Design: Collaborate with business stakeholders to define and refine "Birthright" access bundles, mapping business roles to technical entitlements to support a scalable RBAC model.
- Automation Logic: Analyse workforce data to identify reliable user attributes (e.g., Department, Location, Cost Centre) and design ABAC policies that automate the provisioning lifecycle.
- Policy Translation: Translate complex business requirements into clear, logical technical specifications for Okta policies, ensuring that access rules are documented, consistent, and scalable.
Okta Environment & Group Management
- Directory Hygiene: Establish and maintain governance standards for group management, ensuring the directory remains clean, audit-ready, and free of "stale" or empty groups.
- Dynamic Group Strategy: Promote the use of dynamic, rule-based groups over static assignments to reduce manual overhead and human error.
- Standardisation: Define and implement naming conventions for groups and applications to ensure long-term maintainability and prevent directory pollution.
Operational Analysis & Partnership
- Application Integration: Scale our ability to support the functional onboarding of SaaS applications (SAML/OIDC), gathering requirements for attribute mapping and user entitlement flows.
- Process Improvement: Analyse current Joiner, Mover, and Leaver (JML) processes to identify bottlenecks and security gaps, proposing solutions to streamline operations.
- Documentation & Support: Create clear technical documentation, process flows, and data mapping sheets. Assist in troubleshooting complex access issues by tracing data flow from HR source to downstream applications.
Qualifications
- IAM Experience: 6+ years of experience as a BSA within Identity and Access Management, with a strong understanding of IAM principles, including Least Privilege, Segregation of Duties, and Lifecycle Management.
- Okta Expertise: Solid experience working within the Okta ecosystem. You should be comfortable with the logic behind Group Rules, Expression Language, and Application Policies.
- Methodology: A strong conceptual understanding of RBAC vs. ABAC models and experience helping organisations transition from manual provisioning to automated, policy-based controls.
- Communication: Excellent ability to translate technical IAM concepts into business-friendly language for stakeholders, and vice versa.
- Analytical Mindset: Experience in analysing data sets to find patterns that can be used to build better security policies.