Cyber Security Analyst - DevSecOps

Our client, a leading Management & Strategy Consulting firm, is seeking a Cybersecurity Analyst to support its client in the financial services domain. This role requires strong expertise in DevSecOps practices alongside solid knowledge of Identity and Access Management (IAM). The ideal candidate will have experience embedding security controls within cloud environments, CI/CD pipelines, and application development workflows, while also managing access governance, privileged access, and compliance requirements.

Requirements and Qualifications:

· 3+ years of experience in cybersecurity, with strong exposure to DevSecOps and IAM.

· Familiarity with CI/CD pipelines and tools (e.g., Jenkins, GitLab CI/CD, Azure DevOps) and integrating security into build/deploy processes.

· Solid experience with IAM tools such as SailPoint, CyberArk, and Active Directory.

· Hands-on experience with infrastructure-as-code security (e.g., Terraform, CloudFormation, or Azure ARM templates).

· Understanding of cloud security (AWS, Azure, or GCP), container security, and policy enforcement in cloud-native environments.

· Excellent communication and collaboration skills to work with both technical and business teams.

· Implement and enhance DevSecOps practices, integrating security tooling (e.g., SAST, DAST, container scanning) into CI/CD pipelines.

· Collaborate with engineering and cloud teams to design and enforce secure-by-default architectures across application and infrastructure layers.

· Support IAM initiatives including onboarding/offboarding, entitlement reviews, and role-based access governance.

· Utilize and integrate tools such as SailPoint, CyberArk, and Active Directory within broader DevSecOps workflows.

· Assist with implementation of SSO, MFA, RBAC, and identity federation, ensuring secure and compliant access controls.

· Partner with cross-functional stakeholders to ensure security and compliance requirements are embedded early in the SDLC.