Senior Identity Governance Analyst

Ready to be a Titan? At ServiceTitan, we are building a Next-Generation Identity Fabric. We’ve moved beyond static spreadsheets and legacy provisioning. We are looking for a technical powerhouse to lead the evolution of our Identity Governance and Administration (IGA) program. Identity has become the most sprawling and complex attack surface in modern enterprises, spanning cloud environments, SaaS applications, data systems, machine identities, and now AI agents. In this role, you won’t just manage access; you will architect the intersection of Identity Security Posture Management (ISPM) and AI Security. You will be responsible for ensuring that every identity—whether a Titan, a third-party contractor, or a high-velocity AI agent—has the right access, for the right reason, at the right time. What you'll do: Access Request Workflow Management: Configure and maintain advanced access request workflows across privileged systems (code repositories, databases, infrastructure), including role-based, time-bound, delegated, and just-in-time (JIT) access provisioning. Authorization Governance & Policy Leadership: Lead authorization decisions for job functions and privileged data access from a governance perspective, establishing clear principles for critical systems including ST Admin roles, Snowflake data access, and other high-risk entitlements. Architect the Identity Fabric: Design and implement automated workflows that bridge our core stacks (Okta, Veza, Lumos) to create a seamless, risk-based identity lifecycle. ISPM & Continuous Governance: Move us from periodic "point-in-time" reviews to continuous identity security. Monitor for identity risks like over-privileged accounts, "shadow" identities, and dormant access. Non-Human Identity (NHI) & AI Security: Establish the governance framework for non-human identities, including service accounts, API keys, and AI agents. Ensure AI integrations are secured through rigorous entitlement management. Cross-Functional Collaboration: Serve as the technical glue between Corporate Engineering, Security Architecture, and System Owners to ensure identity is baked into every enterprise tool. Compliance as Code: Act as the primary technical point of contact for auditors (SOX, PCI, ISO 27001, SOC 1/2). Automate evidence collection so that compliance is a byproduct of good engineering, not a manual chore. Vendor Management: Partner deeply with our strategic vendors (Okta, Veza, Lumos) to influence their product roadmaps and maximize our ROI. What you'll bring: The Fundamentals: 5+ years in Identity & Access Management (IAM/IGA). You should deeply understand lifecycle management (Joiner/Mover/Leaver), RBAC/ABAC, and the Principle of Least Privilege. The Modern Stack: Hands-on experience with modern IGA and Identity Discovery tools (e.g., Veza for authorization graphs, Lumos for SaaS governance, Okta for orchestration). NHI Expertise: Proven experience managing non-human identities and secrets management in cloud-native environments (AWS/GCP). Security Posture: Understanding of ISPM principles—detecting identity drift and misconfigurations before they are exploited. Compliance Fluency: Ability to translate complex regulatory requirements (like SOX or PCI) into technical controls and automated workflows. Automation Mindset: Proficiency in Python, Go, or specialized workflow languages to automate provisioning and remediation tasks. Who You Are A Systems Thinker: You understand the delicate balance between People, Process, and Technology. You don't just fix a ticket; you fix the process that created the ticket. An Enabler of Innovation: You believe security should be a tailwind, not a headwind. You build identity solutions that allow Titans to move faster and collaborate safely. Data-Driven: You use identity analytics to identify high-risk areas and prioritize engineering efforts based on actual risk data. Why This Role Matters Identity is the new perimeter. As ServiceTitan scales and integrates AI across ... (truncated, view full listing at source)