Sr. Staff Analyst, Information Security

About Analog Devices

Analog Devices, Inc. (NASDAQ:

ADI

) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $9 billion in FY24 and approximately 24,000 people globally, ADI ensures today's innovators stay Ahead of What's Possible. Learn more at

and on

LinkedIn

and

Twitter (X)

.

Cybersecurity - Sr. Staff Analyst – Identity Governance

Position Summary

This position will be a part of the Cyber Security team and requires a strong background in both cybersecurity as well as foundational identity management technology and architecture. The Cybersecurity Sr. Staff Analyst (Identity Governance) will lead and support Identity Governance initiatives, including but not limited to, supporting the implementation of an IGA platform, (PAM) Privileged Access Management, establishing RBAC and enforcing SOD (Separation of duties) as well as least privileged policies, optimization and standardization of MFA across the environment and continue our maturity towards password-less authentication, and ZTNA.

This role is a senior-level contributor that will directly lead governance program activities focused on the continuous maturity of our identity access management program and technologies. This individual will continually influence the maturity and adoption of strong identity security practices across ADI.

This role will directly support the Delinea PAM platform architecture and configuration, particularly the migration to Delinea's SAAS platform to ensure Privileged Roles are managed to ADI's Policy and Standards, as well as ensure compliance to our regulatory obligations (SOX, CMMC, TISAX, HIPAA etc).

In addition - This role will also be focused on the integration and alignment of identity governance into the engineering and manufacturing environments and supporting our strategy for ZTNA enablement which heavily leverages strict identity verification mechanisms.

Key Responsibilities

• Identity Governance:
• Design, implement and manage identity governance and assurance (IGA) controls and platforms to support user provisioning, deprovisioning, access requests and UARs/access recertifications. Implementing automation for these processes, streamlining the end user experience and internal IT provisioning/entitlement processes, utilizing AI for further efficiency wherever possible.
• Design, manage and mature role-based access control (RBAC) to enforce least privilege access with each user and devices grant access only to the specific applications or data necessary for their roles, limiting potential exposure and minimizing the risk of data breaches or unauthorized access.
• Develop, validate, and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for IGA team technologies and processes.
• Investigate and respond to identity-related incidents, violations and anomalous access behavior identified in IGA monitoring and reporting systems.
• Continuously monitor data access activity, identify potential security risks, and maintain a clear audit trail of data access events.
• Working with IT, HR and other business partners develop, refine, automate and streamline identity lifecycle processes (joiner/mover/leaver provisioning, de-provisioning), and establish birthright entitlement structures and mature identity verification processes.
• Collaborate across compliance, and IT teams to align Identity Governance to ADI's regulatory requirements (e.g., SOX, CMM, TISAX, HIPAA).
• Monitor and remediate orphan accounts, access violations, and segregation of duties (SoD) conflicts.
• Troubleshoot identity-related issues and provide Tier 3 support for Cyber Identity-related incidents.
• Automate workflows using PowerShell, Python, or similar scripting languages.
• Participate in ongoing auditing and risk assessments, and implementation of audit recommendations.
• UARS- User Access Certifications:
• Working with Cyber Identity Governance team members to directly manage all aspects of the User Access Review (UAR) process for the enterprise-supported access program including regulatory environments/applications. This includes planning and executing quarterly UARs for all systems participating in this program and continuing to mature the automation around these processes.
• Ensure all evidence of authorization is documented and archived according to internal standards.
• Identifying and engaging with participating system partners across the company to ensure readiness and engagement for regular UARs
• Producing and maintaining data reporting, analysis, dashboards and scorecards in support of overall UAR health, execution, and closure.
• IT IAM Team Collaboration and Foundational IAM Architecture Support:

• Assist IT partners with the design of Identity and Access Management solutions, Single Sign-On (SSO), and Multi-Factor Authentication (MFA) solutions for various use cases across the organization.

• Collaborate with various Security, IT teams and partners such as IAM architecture, IT networking etc. to mature ADI's ZTNA capabilities based upon continuous access evaluation of users and device behaviors. Design and implement solid operational processes to manage situations where access anomalies are detected that access may be revoked and/or enforce additional authentication requirements.

• Assist IT IAM Engineers in architecting solutions for the business and ensuring those solutions adhere to ADI's Cybersecurity policies and standards, as well as utilizing industry's best practices for Identity Security.
• Assist IT partners and teams with troubleshooting issues with IAM tools and processes as needed.
• Works across IT and Cybersecurity infrastructure and architecture SMEs to ensure that all aspects of the security solution architecture are defined, documented and tested, with adherence to Policies and Standards. Change Management and Architecture Review Board processes.

• Collaborating with IT IAM leads as well as IT business managers to understand new business requirements, and to collaboratively design solutions that align with enterprise Policy & standards and industry best practices for identity security.

• Privilege Access Management:

• Directly support the Delinea PAM platform architecture and configuration, successful migration to Delinea's SAAS platform, and support for on-prem instances in our regulated Enclaves.
• Ensure Privileged Roles are managed to ADI's Policy and Standards, as well as ensure compliance with our regulatory obligations (SOX, CMMC, TISAX, HIPAA etc.).
• Continue to support and refine technical PAM solutioning that aligns to enterprise architecture strategies, current state environment, support of various business use cases and proactively defend against evolving security risks.
• Develop, validate, and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support, and other business teams as needed.
• Stay current with emerging IAM, PAM and IGA technologies, industry security best practices and regulatory compliance changes which would introduce new identity specific control requirements.

Required Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, or related field.
• Minimum 7- 9 years of experience, 10+ preferred, within IT, IAM or Cyber Security, with hands-on experience in Identity and Access Management or related security roles.
• Minimum of 5 years working with common industry IGA solutions (e.g., SailPoint, Saviynt), development and configuration.
• Expert understanding of Privileged Access Management (PAM) and Identity Management/IAM Governance principles.
• Extensive knowledge of Active Directory, Microsoft Entra, LDAP, Redhat Identity solutions and SSO including deployment, administration, and troubleshooting.
• Hands-on experience with IGA tools (e.g., SailPoint, Saviynt).
• Hands-on experience with Privileged Access Management Solutions (particularly Delinea . This includes deployment, integrations, Engineering, and adoption strategies of PAM for large scale enterprises, including secrets key management on multi cloud environments (AWS / Azure), Dev Ops and Orchestration platforms.
• Strong understanding of identity lifecycle, RBAC, policy-based access controls.
• Strong understanding of Active Directory, Azure AD/Entra, Group Policy and cloud identity models.
• Strong knowledge of Conditional Access policy configurations in AD/Entra, as well as MFA (DUO and Microsoft Authenticator).
• Demonstrated expertise in leading strategic, organization-wide identity and security initiatives; providing reports to executive stakeholders; and facilitating the successful adoption.
• Knowledge of security frameworks (NIST, ISO and regulatory compliance requirements (SOX, CMMC, PCI, etc.).
• Proficiency in scripting and automation (PowerShell, Python).
• Excellent problem-solving and communication skills.
• Familiarity with principals of ZTNA, specifically Identity verification methods, technologies and architectures. Authorization and Posture: Verifying each access attempt based on factors like identity, location, and device health, strengthening overall security posture and minimizing unauthorized access.
• Experience with audits and compliance processes in highly regulated environments

Preferred Qualifications

• Relevant certifications: CISSP, CISM, Microsoft Identity and Access Administrator, SailPoint Certified Engineer.
• Experience with Zero Trust architecture and identity federation.

Soft Skills

• Strong analytical and troubleshooting abilities.
• Ability to work collaboratively across teams.
• Detail-oriented with a focus on security and compliance.

For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export licensing approval from the U.S. Department of Commerce - Bureau of Industry and Security and/or the U.S. Department of State - Directorate of Defense Trade Controls. As such, applicants for this position – except US Citizens, US Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) – may have to go through an export licensing review process.

Analog Devices is an equal opportunity employer. We foster a culture where everyone has an opportunity to succeed regardless of their race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group.

EEO is the Law:

Notice of Applicant Rights Under the Law

.

Job Req Type: Experienced

Required Travel: Yes, 10% of the time

Shift Type: 1st Shift/DaysThe expected wage range for a new hire into this position is $154,400 to $212,300.

• Actual wage offered may vary depending on work location, experience, education, training, external market data, internal pay equity, or other bona fide factors.
• This position qualifies for a discretionary performance-based bonus which is based on personal and company factors.
• This position includes medical, vision and dental coverage, 401k, paid vacation, holidays, and sick time, and other benefits.