GRC Analyst - IAM

We're looking for an IAM Compliance Specialist to join Procore's Governance, Risk & Compliance team. In this role, you'll manage the execution and documentation of all user access reviews across our financial system landscape. Your primary goal is to mitigate the risk of unauthorized access and ensure strict Segregation of Duties (SoD).As an IAM Compliance Specialist, you'll partner with System Admins and Business Process Owners to facilitate the quarterly and annual access certification cycles. Use your analytical skills, knowledge of IAM tools, and audit rigor to ensure the right people have the right access at the right time. Help us secure our most critical data-Join us!This position reports into the Manager, GRC - SOX and will be based in our Austin, TX office. We're looking for someone to join us immediately.What you'll do:Coordinate and execute periodic User Access Reviews (UARs) for all SOX-scope applications and infrastructure.Design and maintain a Segregation of Duties (SoD) matrix for key financial systems, ensuring conflicting responsibilities are identified and mitigated.Validate that user de-provisioning as identified as part of the user access review process is performed timely and accurately.Maintain evidence of review approvals and ensure all revocations are completed within the required SLAs.Partner with IT to automate manual access review processes using GRC or IAM tools.Support the broader GRC team during external audits by providing specific evidence for Logical Access controls.Track and report on the status of access reviews to senior leadership to ensure 100% completion.What we're looking for:Bachelor's degree in Information Technology, Business, or a related discipline.2-4 years of experience specifically within Identity & Access Management or IT Audit.Demonstrated experience working with access and change management domains in IT compliance frameworks.Experience with Role-Based Access Control (RBAC) design and implementation in complex SaaS ecosystems.Proficiency with IAM and GRC tools such as Okta, Veza, or SailPoint.Ability to manage high-volume data sets and identify anomalies in user permissions through various means of data analysis.Strong communication skills to influence busy stakeholders to complete required certifications.Additional InformationBase Pay Range:89,120.00 - 122,540.00 USD AnnualFor Los Angeles County (unincorporated) Candidates:Procore will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable federal, state, and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act.A criminal history may have a direct, adverse, and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment: 1. appropriately managing, accessing, and handling confidential information including proprietary and trade secret information, as well as accessing Procore's information technology systems and platforms; 2. interacting with and occasionally having unsupervised contact with internal/external customers, stakeholders, and/or colleagues; and 3. exercising sound judgment.