IT Security Analyst

Job description

IT Security Analyst Role description: Supports the enterprise-wide implementation of the Secrets & Credential Management project by analysing current-state processes, identifying security and control gaps, defining requirements, and driving the secure governance of technical and workforce secrets. Ensures that secrets such as passwords, SSH keys, API keys, certificates, tokens and non-personal credentials are identified, classified, documented, and prepared for controlled lifecycle management in line with security, compliance, and operational requirements. Tasks & Responsibilities: - Conduct end-to-end analysis of existing secret and credential management practices across applications, infrastructure, platforms, and operational processes. - Identify, classify and document technical and workforce secrets, including ownership, usage, storage location, criticality, lifecycle stage, access model, and associated risks. - Assess current-state control weaknesses such as unmanaged SSH keys, hardcoded credentials, shared accounts, undocumented secret usage, insufficient rotation, and weak auditability. - Define and document detailed functional and non-functional requirements for centralized...