IT Security Analyst – Secrets & Credential Management

As an IT Security Analyst focused on Secrets & Credential Management, you will play a pivotal role in advancing HCLTech’s enterprise-wide security posture. This position is integral to the implementation of robust secrets and credential governance, ensuring technical and workforce credentials are managed securely throughout their lifecycle. Your expertise will directly impact HCLTech’s compliance, operational integrity, and risk reduction strategies, supporting the company’s commitment to secure innovation and global excellence.

• Conduct comprehensive analyses of current secret and credential management practices across applications, infrastructure, platforms, and operations.
• Identify, classify, and document technical and workforce secrets, detailing ownership, usage, storage location, criticality, lifecycle stage, access model, and associated risks.
• Assess control weaknesses such as unmanaged SSH keys, hardcoded credentials, shared accounts, undocumented secret usage, insufficient rotation, and weak auditability.
• Define and document functional and non‑functional requirements for centralized secrets management capabilities.
• Support the design of compliant lifecycle processes for creation, storage, access, usage, rotation, revocation, emergency access, and decommissioning of secrets.
• Analyze dependencies across systems, applications, service accounts, technical users, and operational teams to facilitate onboarding and migration planning.
• Prepare security analysis deliverables including gap assessments, process documentation, risk assessments, control requirements, and remediation recommendations.
• Facilitate and document workshops with technical, operational, and business stakeholders to gather requirements, validate findings, and resolve ambiguities.
• Contribute to tool evaluation by translating operational and security needs into assessment criteria and use cases.
• Validate proposed solution approaches against defined security, compliance, and operational expectations.
• Support reporting and governance activities by maintaining traceability of findings, risks, requirements, remediation items, and implementation dependencies.
• Ensure analysis outputs are audit‑ready, internally consistent, and suitable for decision‑making at project and stakeholder governance levels.

• Minimum of 5 years’ experience in IT security analysis, security requirements engineering, control assessment, or security governance in complex enterprise environments.
• At least 2 years’ experience in IAM (Identity & Access Management) projects.
• Proven knowledge of secrets and credential types (passwords, SSH keys, API keys, tokens, certificates, service accounts, privileged credentials).
• Experience in analyzing IT processes, identifying control gaps, and translating findings into actionable security requirements.
• Strong understanding of IAM, PAM (Privileged Access Management), least privilege, segregation of duties, auditability, and secure access governance.
• Ability to work effectively across technical and non‑technical stakeholder groups, driving structured analysis in ambiguous environments.
• Excellent documentation, workshop facilitation, and communication skills in English.
• Experience working in regulated, global, or highly controlled environments.

• Experience with Cyber Ark, Hashi Corp Vault, Azure Key Vault, AWS Secrets Manager, GCP Secret Manager, or similar platforms.
• Familiarity with ISO 27001, NIST, CIS Controls, or enterprise security governance frameworks.
• Experience with transformation or migration projects involving credential centralization and legacy cleanup.
• Relevant security certifications (e.g., CISSP, CISM, CEH).
• Life insurance
• Private medical care
• Multi Sport Card
• Subsidy for glasses
• Subsidy to language courses
• Christmas and holiday bonuses
• Clear career path in a growing multinational organization