[Remote] GRC Analyst / Multi-Tenant Access Control & Role Governance Analyst
Note The job is a remote job and is open to candidates in USA. Codebase Inc is seeking a GRC Analyst / Multi-Tenant Access Control & Role Governance Analyst to support their transformation to a secure, compliant multi-tenant platform. This role will focus on strengthening SOX compliance and establishing scalable access governance processes.
Responsibilities
- Lead the evolution of access control from a single‑tenant to a multi‑tenant architecture, ensuring security and compliance are built in by design
- Drive remediation of SOX compliance gaps related to access control and role governance
- Serve as a primary contributor to the Role Discovery and Governance Program, including analysis, documentation, and rationalization of 200+ existing roles
- Collaborate with GRC, Security, Engineering, and Product teams to design and maintain a centralized Role Catalog as a single source of truth
- Document business purpose, ownership, access usage, and entitlement consumption for each role to eliminate ambiguity and enable future RBAC migration
- Design and help implement a formal governance framework covering the full role lifecycle (creation, modification, review, deprecation)
- Analyze the current role landscape to identify opportunities for role simplification, consolidation, and retirement of redundant or inactive roles
- Partner with business process owners and engineering teams to embed compliant access controls into system and process design
- Support internal and external audits, including SOX audits, control testing, evidence collection, and remediation of findings
- Act as a trusted advisor on IAM, role governance, and access risk in a fast‑scaling SaaS environment Skills
- 3–5 years of experience in Information Security, GRC, or IAM roles
- Strong hands‑on experience with Identity and Access Management (IAM) and Role‑Based Access Control (RBAC)
- Direct, demonstrated experience supporting SOX compliance, audit readiness, and control remediation
- Experience analyzing and documenting access models, roles, and entitlements across complex platforms
- Ability to communicate complex security and risk concepts clearly to both technical and non‑technical stakeholders
- Proven track record of cross‑functional collaboration with Engineering, Product, Security, and business teams
- Strong analytical and investigative skills with the ability to identify root causes and drive remediation plans
- Ability to balance security, compliance, and business needs with a pragmatic, solution‑oriented mindset
- Experience working in SaaS or multi‑tenant platform environments
- Familiarity with governance and control frameworks such as NIST, COSO, or ISO 27001
- Prior experience building or migrating to a centralized RBAC or IGA solution
- Exposure to cloud platforms, modern application architectures, or security tooling
- Experience supporting regulated or publicly traded companies Company Overview
- Codebase Inc. is a strategic IT solutions service provider based in New Jersey, USA. It was founded in 2021, and is headquartered in , with a workforce of 201-500 employees. Its website is https//www.codebaseinc.com/. Apply To this Job