Skip Navigation
Small team of young adult volunteers lifting a wooden wall frame


Make Your

Yes, we're a global network of universities. We're also much more. Every day, our professionals, teachers, students, and alumni touch societies around the world. We change lives. We make a difference. We also know that we're just getting started. At Laureate, today is the beginning of everything.


Search Jobs

Senior Business Analyst - Identity & Access Management (IAM)

Job ID 40703BR Date posted 08/21/2019 Institution Laureate Education, Inc. City Baltimore
Laureate Education is seeking an experienced Identity and Access Management business analyst, reporting to the head of the global enterprise-wide IAM program. The global Information Security Identity and Access Management (IAM) organization defines policy and delivers capabilities to empower Laureate Education to better control access to its data, systems and infrastructure via a seamless user experience.
This role is responsible for overseeing and guiding teams in the definition and implementation Identity and Access Management solutions.

You will be the business SME on the new IDaaS IAM solution throughout the corporation, partnering with technology and business owners to define requirements, feature and functions covering the full user lifecycle. With IAM leadership you will help drive the application adoption approach. Entitlement role and group definition with data mapping is a core function of this role. The ability to understand a partner’s access and privilege model, look for security risks and lead them through the process to migrate from a manual to an automated provisioning platform. Coupled with entitlement mapping, workflow process modeling and creation is the second core function of this role.

  • Business SME within the IAM domain.
  • Lead Analyst to define and drive secure IAM solution requirements.
  • Assume ownership of IDaaS system rollout and integration, work closely with teams to complete development and implementation tasks
  • Ability to dive deep, step-in and be hands-on when as needed.
  • Work within the CISO team of a large organization to promote the best Identity and Access Management practices.
  • Research problems and recommend solutions to improve security and processes by providing security IAM options.
  • Work closely with business partners, to champion Information security through IAM best practices
  • Serve as a business enabler via development support, clear planning and design documentation for properly-secured, policy-compliant, high-performance IAM integrations.
  • Produce regular status reports
  • Work with external vendors, system integrators and near/off shore teams.
  • Support for System and IAM related policy development and regulatory compliance
  • Support requirements/responses required from the 24x7 operations team
  • Support CISO Quality and Compliance efforts
  • Respond to Threat Intelligence reports
  • Contribute IAM domain knowledge in improving the security architecture
  • Understand business requirements and design IAM solutions
  • Interact and communicate with application teams on systems integration tasks, dependencies, and troubleshooting issues
  • Perform coarse and fine grain entitlement role & group definition and mapping
  • Ability to mentor junior staff and be a knowledge leader
  • Ability to work within an agile project methodology
  • Interest in information security and knowledge of Identity and Access Management controls
  • Some travel, <10%, may be required
  • 5+ years working within the Identity & Access Management domain
  • 5+ years working within the information security domain
  • 10+ years of technical business analyst experience within an SDLC; Agile team experience preferred
  • Strong discipline regarding enforcement of access management core principles
  • Experience in entitlement role / group data mapping
  • Large scale enterprise-wide project experience
  • Knowledge of the full user identity and access management lifecycle
  • Comfortable dealing with external vendors, system integrators and hosting partners.
  • Ability to work in Virtual, Geographically Dispersed Teams.
  • Ability to drive completion of required tasks independently.
  • Knowledge and experience of provisioning/deprovisioning workflows
  • Strong Data mapping experience across different source platforms
  • Strong knowledge of data inheritance and hierarchy
  • Expertise with identity management domain concepts and full user lifecycle management, with various data sources and workflows.
  • Strong workflow and process modeling documentation, creating swim lanes and flowcharts
  • Experience with access models such as RBAC and ABAC
  • Defining user stories and acceptance criteria
  • Facilitating implementation of new functionality through training and demonstrations
Equal Employment Opportunity
Our goal is to have a diverse workforce that is representative of our students and our communities. Laureate is an equal opportunity employer committed to hiring based upon merit. Individuals will be considered for positions for which they meet the minimum qualifications and are able to perform with or without reasonable accommodations. We do not discriminate on the basis of sex, race, color, religion, age, national origin, physical or mental disability, pregnancy, genetic information, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law.