Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join us as a Cybersecurity Business Analyst, focusing on access management and risk evaluation.
- Company: Vallum Associates is a leading consultancy in IT security and governance.
- Benefits: Enjoy flexible working with 3 days onsite and competitive perks.
- Why this job: Make an impact in banking cybersecurity while collaborating with diverse teams and enhancing your skills.
- Qualifications: 5+ years in IT security or IAM, with hands-on experience in AWS, Azure, and GCP.
- Other info: This role offers a chance to work with cutting-edge cloud technologies and SaaS identity management.
The predicted salary is between 48000 - 72000 ÂŁ per year.
Location: Sheffield (3 days/week onsite)
Duration: 06+ Months
Banking Client Experience Required
Job Description:
- Should excel at eliciting and documenting requirements, mapping “as-is” and “to-be” access-management processes, conducting gap analysis, and producing clear reports and presentations for stakeholders.
- Strong communication skills to align Security, DevOps, and business teams, plus a data-driven mindset for analysing IAM logs and evaluating risk.
- On the cloud side, they must understand IAM constructs in AWS (users, roles, policies, permission boundaries), Azure (Azure AD, RBAC, PIM), GCP (principals, roles, policy bindings), and Alibaba Cloud (RAM users, groups, roles, and policy management), as well as how Kubernetes RBAC (roles, bindings) integrates with cloud-native identities.
- Familiarity with SaaS identity management—SSO protocols (SAML, OAuth/OIDC), SCIM provisioning, and entitlement workflows—to identify gaps, over-privileged accounts, and recommend least-privilege controls across multi-cloud (including Ali Cloud) and SaaS environments.
Cloud-Specific IAM Knowledge (Required):
- AWS IAM: In-depth understanding of IAM users/groups/roles/policies, permission boundaries, service-linked roles, and AWS Organizations (SCPs). Hands-on experience reviewing existing IAM policies (JSON), detecting overly broad permissions (e.g., “*” or wildcard actions), and recommending fine-grained least-privilege models.
- Azure Active Directory & Azure RBAC: Knowledge of Azure AD concepts: users, groups, applications/service principals, managed identities, Conditional Access policies. Familiarity with Azure RBAC roles (built-in and custom) and PIM (Privileged Identity Management) best practices for just-in-time elevation.
- GCP IAM: Understanding of GCP IAM constructs: Principals (Users, Service Accounts, Groups), Roles (primitive, predefined, custom), Service Account Keys, and Organization-level policies. Experience reviewing IAM policy bindings (via GCP IAM or Terraform state) and recommending Organization/Folder/Project-level least-privilege structures.
- Kubernetes RBAC & Cloud-Native Identities: Solid grasp of Kubernetes RBAC entities—Role, Cluster Role, Role Binding, ClusterRoleBinding—and how they map to Kubernetes API groups. Awareness of how cloud-provider-managed Kubernetes (EKS, AKS, GKE) integrates with cloud IAM (for example, IAM Authenticator in EKS, GKE Workload Identity, Azure AD/Entra integration).
- SaaS Application Identity Management: Familiarity with Single Sign-On (SSO) protocols (SAML, OAuth 2.0/OIDC) and identity providers (Azure AD, GCDS, AWS IAM). Understanding of SCIM provisioning, user lifecycle workflows (onboarding/offboarding), and entitlement catalogue management for major SaaS (e.g., Office 365).
Required Skills & Experience:
- 5+ years as a Business Analyst (or similar) focused on IT security, governance, or IAM.
- Hands-on experience mapping and documenting IAM processes in AWS, Azure, and GCP.
- Practical knowledge of AWS IAM (users/roles/policies), Azure AD & RBAC, and GCP IAM (roles/bindings).
- Familiarity with Kubernetes RBAC (Role Bindings, ClusterRoleBindings) and how those tie into cloud IAM (EKS, AKS, GKE).
- Proven track record analysing SaaS-based identity integrations (e.g., SAML SSO, SCIM provisioning).
- Strong gap-analysis skills, able to pinpoint missing or weak access controls.
- Comfortable using cloud consoles, CLIs (AWS, Azure, GCP and Ali) and reviewing IaC (Terraform/CloudFormation) for IAM-related misconfigurations.
- Excellent stakeholder management; able to facilitate cross-functional workshops and drive consensus.
Contact Detail:
Vallum Associates Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cybersecurity Business Analyst-Banking
✨Tip Number 1
Familiarise yourself with the specific IAM constructs and protocols mentioned in the job description. Understanding AWS, Azure, GCP, and Kubernetes RBAC will give you a solid foundation to discuss during interviews.
✨Tip Number 2
Prepare to demonstrate your experience with gap analysis and documenting IAM processes. Be ready to share examples of how you've identified weaknesses in access controls and what steps you took to address them.
✨Tip Number 3
Brush up on your communication skills, as this role requires aligning various teams. Practice explaining complex technical concepts in simple terms, which will help you during stakeholder discussions.
✨Tip Number 4
Network with professionals in the cybersecurity field, especially those with experience in banking. Engaging with industry peers can provide insights and potentially lead to referrals for the position.
We think you need these skills to ace Cybersecurity Business Analyst-Banking
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity and business analysis. Focus on your hands-on experience with IAM processes in AWS, Azure, and GCP, as well as any specific projects that demonstrate your skills in gap analysis and stakeholder management.
Craft a Compelling Cover Letter: In your cover letter, explain why you are interested in the Cybersecurity Business Analyst position. Emphasise your understanding of IAM constructs and your ability to communicate effectively with cross-functional teams. Use specific examples to illustrate your experience and achievements.
Showcase Your Technical Skills: Clearly outline your technical skills related to IAM, including your familiarity with SSO protocols, SCIM provisioning, and cloud-native identities. Mention any certifications or training you have completed that are relevant to the role.
Prepare for Potential Questions: Anticipate questions related to your experience with IAM policies and cloud environments. Be ready to discuss how you have identified gaps in access controls and recommend least-privilege models in previous roles. This will help you stand out during the interview process.
How to prepare for a job interview at Vallum Associates
✨Showcase Your Technical Knowledge
Make sure to brush up on your understanding of IAM constructs across AWS, Azure, GCP, and Alibaba Cloud. Be prepared to discuss specific examples of how you've mapped and documented IAM processes in these environments.
✨Demonstrate Strong Communication Skills
Since the role requires aligning various teams, practice articulating complex technical concepts in a way that non-technical stakeholders can understand. Use clear examples from your past experiences to illustrate your points.
✨Prepare for Gap Analysis Questions
Expect questions that assess your ability to conduct gap analyses. Be ready to explain how you identify over-privileged accounts and recommend least-privilege controls, using real-life scenarios where possible.
✨Familiarise Yourself with SaaS Identity Management
Understand SSO protocols and SCIM provisioning thoroughly. Be prepared to discuss how you've managed user lifecycle workflows and entitlement catalogues in previous roles, especially in relation to major SaaS applications.
