GRC Analyst Multi-Tenant Access Control & Role Governance Analyst

Required Skills & Experience

• 35 years of experience in Information Security GRC or IAM roles.
• Strong handson experience with Identity and Access Management (IAM) and RoleBased Access Control (RBAC).
• Direct demonstrated experience supporting SOX compliance audit readiness and control remediation.
• Experience analyzing and documenting access models roles and entitlements across complex platforms.
• Ability to communicate complex security and risk concepts clearly to both technical and nontechnical stakeholders.
• Proven track record of crossfunctional collaboration with Engineering Product Security and business teams.
• Strong analytical and investigative skills with the ability to identify root causes and drive remediation plans.
• Ability to balance security compliance and business needs with a pragmatic solutionoriented mindset.

NicetoHave Skills

• Experience working in SaaS or multitenant platform environments.
• Familiarity with governance and control frameworks such as NIST COSO or ISO 27001.
• Prior experience building or migrating to a centralized RBAC or IGA solution.
• Exposure to cloud platforms modern application architectures or security tooling.
• Experience supporting regulated or publicly traded companies.

Impact & Value

• Strengthen Organizations SOX compliance posture and audit readiness during a critical platform transformation.
• Enable secure scalable and compliant access control for a growing multitenant environment.
• Reduce access risk and operational complexity through improved role clarity governance and standardization.
• Build a strong foundation for future RBAC and identity governance initiatives.
• Directly contribute to customer trust regulatory confidence and longterm platform resilience.

Key Responsibilities

• Lead the evolution of access control from a singletenant to a multitenant architecture ensuring security and compliance are built in by design.
• Drive remediation of SOX compliance gaps related to access control and role governance.
• Serve as a primary contributor to the Role Discovery and Governance Program including analysis documentation and rationalization of 200 existing roles.
• Collaborate with GRC Security Engineering and Product teams to design and maintain a centralized Role Catalog as a single source of truth.
• Document business purpose ownership access usage and entitlement consumption for each role to eliminate ambiguity and enable future RBAC migration.
• Design and help implement a formal governance framework covering the full role lifecycle (creation modification review deprecation).
• Analyze the current role landscape to identify opportunities for role simplification consolidation and retirement of redundant or inactive roles.
• Partner with business process owners and engineering teams to embed compliant access controls into system and process design.
• Support internal and external audits including SOX audits control testing evidence collection and remediation of findings.
• Act as a trusted advisor on IAM role governance and access risk in a fastscaling SaaS environment.

Regards

Mohammed ilyas

PH - or Text - or you can share the updated resume at com

Additional Information :

All your information will be kept confidential according to EEO guidelines.

Remote Work :

Yes

Employment Type :

Contract