IT Security Analyst

NTT DATA Business Solutions Norge

Job Location:

Warsaw - Poland

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

IT Security Analyst

Role description:

Supports the enterprise-wide implementation of the Secrets & Credential Management project by analysing current-state processes identifying security and control gaps defining requirements and driving the secure governance of technical and workforce secrets. Ensures that secrets such as passwords SSH keys API keys certificates tokens and non-personal credentials are identified classified documented and prepared for controlled lifecycle management in line with security compliance and operational requirements.

Tasks & Responsibilities:

Conduct end-to-end analysis of existing secret and credential management practices across applications infrastructure platforms and operational processes.
Identify classify and document technical and workforce secrets including ownership usage storage location criticality lifecycle stage access model and associated risks.
Assess current-state control weaknesses such as unmanaged SSH keys hardcoded credentials shared accounts undocumented secret usage insufficient rotation and weak auditability.
Define and document detailed functional and non-functional requirements for centralized secrets management capabilities.
Support the design of compliant lifecycle processes for creation storage access usage rotation revocation emergency access and decommissioning of secrets.
Analyse dependencies across systems applications service accounts technical users and operational teams to support onboarding and migration planning.
Prepare clear and defensible security analysis deliverables including gap assessments process documentation risk assessments control requirements and remediation recommendations.
Facilitate and document workshops with technical operational and business stakeholders to gather requirements validate findings and resolve ambiguities.
Contribute to tool evaluation activities by translating operational and security needs into concrete assessment criteria and use cases.
Validate whether proposed solution approaches meet defined security compliance and operational expectations.
Support reporting and governance activities by maintaining traceability of findings risks requirements remediation items and implementation dependencies.
Ensure analysis outputs are audit-ready internally consistent and suitable for decision-making at project and stakeholder governance level.

Skills and experience you will need:

At least 5 years of experience in a similar position.
At least 2 years of experience in working with IAM projects.
Strong experience in IT security analysis security requirements engineering control assessment or security governance in complex enterprise environments.
Proven knowledge of secrets and credential types including passwords SSH keys API keys tokens certificates service accounts and privileged credentials.
Experience in analysing IT processes identifying control gaps and translating findings into implementable security requirements.
Strong understanding of IAM PAM least privilege segregation of duties auditability and secure access governance.
Ability to work across technical and non-technical stakeholder groups and drive structured analysis in ambiguous environments.
Strong documentation workshop facilitation and communication skills in English.
Experience in regulated global or highly controlled environments.

Nice to Have

Experience with CyberArk HashiCorp Vault Azure Key Vault AWS Secrets Manager GCP Secret Manager or similar platforms.
Knowledge of ISO 27001 NIST CIS Controls or enterprise security governance frameworks.
Experience in transformation or migration projects involving credential centralization and legacy cleanup.

What we offer:

The opportunity to participate in a variety of projects.
Multisport Plus card.
Private medical care (LUX MED).
Group insurance.
Access to comprehensive psychological support individual sessions with coaches and psychodietitians as well as inspiring webinars.
Remote work from any location or a hybrid model using our offices located in Poznań.
A home office package to increase remote work comfort (chair additional monitor ergonomic mouse etc.).
Modern offices equipped with amenities such as a pool table foosball darts and relaxation zones.
Opportunities to spend time together after work - combining our employees passions through ski trips cycling tours and sailing adventures.
Regular company-wide and team-based integration events as well as many other occasions to meet and exchange ideas with colleagues.
Celebrations of important moments in the lives of our employees.
An open approach to new ideas and initiatives including charity actions.

Apply!

Required Experience:

IT Security AnalystRole description:Supports the enterprise-wide implementation of the Secrets & Credential Management project by analysing current-state processes identifying security and control gaps defining requirements and driving the secure governance of technical and workforce secrets. Ensure...

IT Security Analyst

Role description:

Tasks & Responsibilities:

Conduct end-to-end analysis of existing secret and credential management practices across applications infrastructure platforms and operational processes.
Identify classify and document technical and workforce secrets including ownership usage storage location criticality lifecycle stage access model and associated risks.
Assess current-state control weaknesses such as unmanaged SSH keys hardcoded credentials shared accounts undocumented secret usage insufficient rotation and weak auditability.
Define and document detailed functional and non-functional requirements for centralized secrets management capabilities.
Support the design of compliant lifecycle processes for creation storage access usage rotation revocation emergency access and decommissioning of secrets.
Analyse dependencies across systems applications service accounts technical users and operational teams to support onboarding and migration planning.
Prepare clear and defensible security analysis deliverables including gap assessments process documentation risk assessments control requirements and remediation recommendations.
Facilitate and document workshops with technical operational and business stakeholders to gather requirements validate findings and resolve ambiguities.
Contribute to tool evaluation activities by translating operational and security needs into concrete assessment criteria and use cases.
Validate whether proposed solution approaches meet defined security compliance and operational expectations.
Support reporting and governance activities by maintaining traceability of findings risks requirements remediation items and implementation dependencies.
Ensure analysis outputs are audit-ready internally consistent and suitable for decision-making at project and stakeholder governance level.

Skills and experience you will need:

At least 5 years of experience in a similar position.
At least 2 years of experience in working with IAM projects.
Strong experience in IT security analysis security requirements engineering control assessment or security governance in complex enterprise environments.
Proven knowledge of secrets and credential types including passwords SSH keys API keys tokens certificates service accounts and privileged credentials.
Experience in analysing IT processes identifying control gaps and translating findings into implementable security requirements.
Strong understanding of IAM PAM least privilege segregation of duties auditability and secure access governance.
Ability to work across technical and non-technical stakeholder groups and drive structured analysis in ambiguous environments.
Strong documentation workshop facilitation and communication skills in English.
Experience in regulated global or highly controlled environments.

Nice to Have

Experience with CyberArk HashiCorp Vault Azure Key Vault AWS Secrets Manager GCP Secret Manager or similar platforms.
Knowledge of ISO 27001 NIST CIS Controls or enterprise security governance frameworks.
Experience in transformation or migration projects involving credential centralization and legacy cleanup.

What we offer:

The opportunity to participate in a variety of projects.
Multisport Plus card.
Private medical care (LUX MED).
Group insurance.
Access to comprehensive psychological support individual sessions with coaches and psychodietitians as well as inspiring webinars.
Remote work from any location or a hybrid model using our offices located in Poznań.
A home office package to increase remote work comfort (chair additional monitor ergonomic mouse etc.).
Modern offices equipped with amenities such as a pool table foosball darts and relaxation zones.
Opportunities to spend time together after work - combining our employees passions through ski trips cycling tours and sailing adventures.
Regular company-wide and team-based integration events as well as many other occasions to meet and exchange ideas with colleagues.
Celebrations of important moments in the lives of our employees.
An open approach to new ideas and initiatives including charity actions.

Apply!

Required Experience: