Identity and Access Management Analyst

Why join us? 

Our purpose is to design for the good of humankind. It's the ideal we strive toward each day in everything we do. Being a part of MillerKnoll means being a part of something larger than your work team, or even your brand. We are redefining modern for the 21st century. And our success allows MillerKnoll to support causes that align with our values, so we can build a more sustainable, equitable, and beautiful future for everyone.

Role: Identity and Access Management Analyst

Location: Bangalore - India

Job Description

The MillerKnoll Identity and Access Management Analyst will work collaboratively with the global cross-functional teams to centrally perform user onboarding and offboarding, develop/maintain access approval workflows and other role-based access functions. The analyst will have primary responsibility for defining, creating, and managing the onboarding and offboarding process from MillerKnoll Technology systems to support and improve identity and access management practices. This position works closely with the Legal, Digital, Audit, Cybersecurity and Technology teams to help ensure that, policy, control, procedural obligations are effectively defined and implemented.

The analyst must be collaborative and flexible while developing solutions that meet changing cybersecurity and compliance requirements while supporting business function needs. This individual will help grow and mature identity and access management processes to gain efficiencies and effectiveness in collaboration with all departments. This position requires a deep understanding of identity and access management principles, but also broader implications of protections as a function of information/system lifecycle management and security and privacy by design. The analyst must possess high standards of legal and business ethics and a demonstrated ability to understand technology, independently problem solve, analyze large quantities of data, and clearly summarize and communicate facts.

Essential Functions:

• Manage user identity lifecycle including onboarding, offboarding, and account updates.
• Develop new user access approval processes.
• Perform review to identify unmanaged access approvals.
• Monitor compliance with policies, regulations, and customer requirements.
• Administer user accounts, permissions, and access controls.
• Investigate issues and recommend corrective actions.
• Identify opportunities to reduce the organization's risk by analyzing controls and processes, then recommend remediation actions and controls.
• Prioritize and communicate compliance requirements to technical and non-technical audiences.
• Support the development automation to improve business processes.
• Train users on policies and procedures.
• Stay up to date on evolving threats, technologies, and solutions.
• Collaborate with other departments to ensure secure access to systems and data.

Additional Functions:

• Stay current with identity and access management news and trends relevant to the business and industry.
• Participate in providing support for compliance-related incidents.
• Interface with other business units such as Cybersecurity to communicate program status and overall compliance and training posture.
• Promote a positive security/compliance culture through knowledge sharing, influences, and conduct.
• Create and maintain role-specific documentation.
• Assist with our government, risk, and compliance projects as time permits.

Knowledge, Skills, and Abilities

• Knowledge of Sarbanes–Oxley Compliance
• Knowledge of Identity and Access Management Principles
• Knowledge of Risk Management Framework (RMF) requirements.
• Knowledge of risk/threat assessment.
• Knowledge of laws, policies, procedures, or governance relevant to Cybersecurity for critical infrastructures.
• Knowledge of external organizations and academic institutions with a cyber focus (e.g., cyber curriculum/training and Research & Development).
• Knowledge of controls related to data use, processing, storage, and transmission.
• Skill in applying confidentiality, integrity, and availability principles.
• Skill in conducting information searches.
• Ability to communicate effectively when writing.
• Ability to apply critical reading/thinking skills.
• Interpret and apply laws, regulations, policies, standards, or procedures to specific issues.
• Provide ongoing optimization and problem-solving support.
• Provide recommendations for possible improvements and upgrades.
• Ability to tailor technical and planning information to a customer's level of understanding.
• Ability to work across departments and business units to implement the organization's privacy principles and programs and align privacy objectives with security objectives.

Qualifications

Education/Experience: Bachelor in Information Systems, Cybersecurity, or Business administration

• Overall a minimum of 5+ years of work experience in technology of which a minimum of 2 years should be relevant experience in Internal Audit, Compliance, or Information Security related roles

License and Certifications (Preferred) :

• One or more compliance certifications are preferred (e.g., CIPP, CIPM, CIPT, PCIP, QSA, CISA)

MillerKnoll is an equal opportunity employer.

Who We Hire?

Simply put, we hire qualified applicants representing a wide range of backgrounds and abilities. MillerKnoll is comprised of people of all abilities, gender identities and expressions, ages, ethnicities, sexual orientations, veterans from every branch of military service, and more. Here, you can bring your whole self to work. We're committed to equal opportunity employment, including veterans and people with disabilities.

MillerKnoll complies with applicable disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact MillerKnoll Talent Acquisition