Active Directory Access Control

Location: Dublin, OH

Posted: March 27, 2024

Harish

ad4l6y@r.postjobfree.com

+1-469-***-****

SailPoint IAM Engineer

PROFILE SUMMARY

•Around 8+ years of experience in Identity and Access Management, Cybersecurity with IAM products like SailPoint IdentityNow, SailPoint IdentityIQ, and Okta.

•Experienced in crafting end to end IAM solutions using SailPoint IAM suite and Okta that includes requirement gathering, analysis, design, integration, development, testing, maintenance, and upgrades.

•Strong knowledge of various SailPoint IAM concepts such as identities, account aggregation, identity refresh, rules, correlation, multiplexing, escalations, revocation, certifications/account reviews, SSB, SOD, and integration configuration deployment.

•Strong working knowledge of IAM modules, which include User Management, Account Management, Entitlement Management, Role Management, Password Management, Life Cycle Management, Multi Factor Authentication (MFA), Single Sign On (SSO), and Directory Services.

•Responsible for designing and configuring certification and Life cycle Management processes and implementing the solutions using the Provisioning Engine in SailPoint IdentityIQ.

•Responsible for installing, integrating, and deploying the IdentityIQ and IdentityNow products in client environments.

•Implementation of Role-based Access Controls (RBAC), Attribute-based Access Control (ABAC), Policy Based Access Control (PBAC), Role mining, and entitlement analysis.

•Responsible for building out the Okta platform in support of customers’ cloud architecture.

•Implemented Single Sign-On for single/multiple cookie domains for Web applications and integrated SSO with Sun One LDAP and MS Active Directory. This also includes Federation both inbound and outbound using SAML 2.0.

•Experience automating provisioning and de-provisioning with SCIM, implementing Okta lifecycle management LCM workflows.

•Experience working on SailPoint OOTB with different kinds of connectors like Delimited File, JDBC, LDAP, AD, Azure AD, SAP, and Oracle Applications.

•Experience integrating SailPoint with Azure, Active Directory, ServiceNow, SAP, Cloud systems, and PAM integration module.

•Experience in building custom workflows, rules, policies, and provisioning in IAM.

•Experience in building quick links and Creating Custom Forms.

•Experienced in using the Audit Configuration to specify the actions that are collected for audit logs.

•Experienced using the Audit Search tab to generate searches for audit records for specific time periods and for specific actions, sources, and targets.

•Experience in creating custom email templates and configuring target applications.

•Developed knowledge and understanding of major data compliance standards like SOX, GDPR, HIPAA, PCI DSS, and CCPA.

•Very good with core Java concepts and J2EE technologies such as servlets, Struts, JDBC, JSP, JSF, Spring Core, Spring AOP, Spring Security, Spring MVC, and Hibernate.

•Strong understanding and development knowledge of RESTful Web Services and Microservices.

•Expertise in design, development, and coding skills in the computing domain using tools like J2SE, J2EE, and BeanShell.

•Results-oriented professional with a proven track record in IAM solution delivery utilizing Agile or Scrum methodology.

•Highly skilled in collaborating with cross-functional teams and ensuring timely delivery of projects within schedule constraints.

PROFESSIONAL EXPERIENCE

Client : Rockefeller Capital Management, NJ Sep 2022 – Till Date

Title : SailPoint IAM Engineer

Responsibilities

•Connectors used Delimited File, Salesforce, Okta, On Prem Active Directory, and Azure Active Directory.

•Configured Identity profiles for building Identity cubes with precedence from multiple authoritative sources.

•Developed simple and complex Transforms, Rules, and Generators for changing data from one form into another.

•Worked on attribute synchronization to keep the account data on different sources like Okta and Active Directory in sync with SailPoint.

•Onboarded applications with automated provisioning through Roles, Access Profiles, and Entitlements.

•Configured event-based provisioning and role-based provisioning into downstream applications like Okta and Active Directory.

•Implementation of Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC) through Role assignment and Access Profile assignment criteria.

•Experienced in using the Audit Configuration to specify the actions that are collected for audit logs.

•Configured Governance Groups and Segments in the Request Portal as a part of access request feature development.

•Experienced in certifications like Role Composition, Access Item, and Uncorrelated Accounts Certification to improve data security by reducing inappropriate access and helping the business satisfy audit and regulatory requirements.

•Worked on Workflows to define action sequences performed inside IdentityNow.

•Worked on Event Triggers and defined action sequences performed in IdentityNow.

•Leveraged Okta API access management for securing application APIs and defining custom access policies for managing tokens.

•Defined Okta rules for segregation of duties and birthright provisioning of users into downstream applications and integrated Okta provisioning for Okta Org2Org.

•Set up Multi Factor Authentication (MFA) for all the applications in scope to Okta, such as Okta Push, Okta Verify, SMS authentication, voice call authentication, and security questions.

•Highly experienced in using IdentityNow developer tools like Beta APIs, V2 APIs, and V3 APIs to achieve repeatable, automated processes with greater scalability interacting with SailPoint.

•Experience in Jira for task and bug tracking. Documented the work done and posted it in Confluence pages.

•Prepared business process models and used Visio to create Use Case Architecture diagrams.

Client : Citi, TX Feb’2019 – Jul’2021

Title : SailPoint IAM Engineer

Responsibilities

•Experience working on SailPoint and worked on different kinds of connectors including custom connectors and their Integration into SailPoint.

•Involved in the development of a Business RPA (robotic process automation) ROI Dashboard for Business Leaders to track investments and returns of ROI.

•Implemented a custom solution for end users to request roles and applications through the request portal, with governance groups being the approvers.

•Extensively gathered requirements from all users, experts, and key personnel to understand the current functionality of the existing system.

•Collaborated with project managers and stakeholders to evaluate the impact of RPA (robotic process automation) solutions on the organization.

•Implementing the provisioning feature of SailPoint IIQ and IdentityNow by using various connectors like LDAP, Azure AD, and Workday.

•Implemented multi-factor authentication (MFA), Single Sign-On (SSO), access management, and all identity management aspects.

•Worked with the UiPath team to automate a few processes in RPA (robotic process automation).

•Implemented PAM service through SailPoint.

•Created user and container from SailPoint into CyberArk.

•Configuration of Roles, Policies and Certifications for governance compliance enhancing rules, aggregation, workflows, entitlements, groups, workgroups, etc.

•Designed and implemented Windows PowerShell scripts for Active Directory using SQL and SailPoint to meet client needs for audit and cleanup of stale and inactive accounts.

•Installed Okta AD agents in Active Directory domains as part of AD domains integration with Okta and imported all AD groups to Okta to automate user group membership via Group Rules.

•Worked with application teams to integrate Okta for SSO, MFA, and provisioning.

•Designed and implemented a custom solution for end users to request IdentityIQ capabilities following the proper approval and auditing process. This feature is not available to end users out of the box.

•Monitor user access for suspicious activity in real-time and prevent unauthorized access from external networks, users, and services using Azure.

•Handling Joiners, movers, and leavers processes for high-risk business areas by provisioning and de-provisioning.

•Experience with SSO and federation using SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and WS-Federation.

•Configured logging mechanisms using Log4j framework.

•Integrated cloud-based applications with Azure Active Directory and utilized Azure enterprise applications per business needs.

•Experience working on cloud migration of SailPoint to AWS to automate compliance and adhere to audit requirements.

•Implemented RESTful web services to connect the AC and SailPoint applications and fetch the data into the portal application.

•Installed and configured the Password Reset Administrator tool to reset the passwords from the Care team.

Client : Anthem Aug’2017 – Feb’2019

Title : SailPoint Engineer

Responsibilities

•Involved in Application Onboarding by using connectors like delimited, JDBC and Active Directory, etc.

•Worked on Identity Access Management and used it effectively in the implementation of SailPoint.

•Hands-on and passionate about the Microsoft Azure platform.

•Managed Azure AD resources in a directory, such as creating or editing users, assigning administrative roles to others, resetting user passwords, managing user licenses, and managing domains.

•Specified Azure roles at multiple levels, including management group, subscription, resource group, and resource.

•Developed SailPoint IIQ rules like build map rule, creation rule, exclusion rule, correlation rule, and manager correlation rule.

•Created and maintained process documentation and procedures for RPA (robotic process automation) solutions.

•Trained end-users on how to use the RPA (robotic process automation) solutions and provided ongoing support to ensure smooth operation.

•Monitored and maintained the performance of robotic process automation solutions to ensure they meet business requirements.

•Worked on enforcing least security privileges across the RBAC; designed and developed the RBAC from scratch.

•Designed and developed Attribute-Based Access Control (ABAC) and Policy-Based Access Control (PBAC), and participated in role mining.

•Automated the request flow by populating basic information from Identity Cube by creating provisioning policies.

•Developed custom workflows according to the customer's requirements.

•Created SQL script to load the data into tables according to the requirements.

•Involved in the configuration and development of SailPoint Life Cycle Events (LCM).

•Assisted in updating SailPoint IIQ work groups and monitoring SailPoint IIQ product functionalities.

•Integrated SailPoint IdentityIQ with multiple external databases and applications for provisioning and de-provisioning using Active Directory and LDAP.

•Built and configured SailPoint built-in tasks like aggregation, ID refresh, schedule tasks, correlation, etc.

•Implemented application connectors, certifications, workflows, rules, provisioning policies, e-mail templates, reports, and tasks using SailPoint IdentityIQ and IdentityNow.

•Developed custom Java classes to fetch custom Tasks in IIQ.

•Managed client requirements and configured SailPoint connectors for various applications.

•Setting up the integration of ServiceNow with SailPoint to retrieve the user AD group data.

•Built Life Cycle Management workflows to maintain user accounts.

•Participated in all SailPoint deployment activities like connector configuration, custom rule development, workflow configuration and development, and third-party system integration.

•Handling Life Cycle Management workflows.

•Implemented certifications like Application Owner, Entitlement owner, and Advanced Certifications.

•Developed custom reports like application data validation to validate the account, entitlements, and account status after aggregation.

Client : Influx info solutions Jun’2015 – Jul’2017

Title : Software Associate

Responsibilities

•Managed, maintained, and developed the IAM infrastructure using SailPoint and Okta tools.

•Designed and developed Joiner, Mover, and Leaver workflows.

•Involved in all phases of the application life cycle from the start to the end of an application.

•Developed JSPs, Servlets, and EJBs in the MVC Struts Framework to effectively handle the workflow of the application.

•Developed Spring Framework based RESTful Web Services for handling and persisting of requests and Spring MVC for returning responses to the presentation tier.

•Successfully designed and developed a Java multi-threading based collector, parser, and distributor process, when the requirement was to collect, parse, and distribute data arriving at a rate of a thousand messages per second.

•Participated actively in the WebSphere community, forums, and knowledge sharing.

•Proficient in Object Relational Mapping (ORM) using Hibernate 4.x and Java Persistence API Standard (JPA) for database mapping and data retrieval facilities.

•Developed different DAO Implementation using Spring JDBC Template to pre-populate the Run Details, notifications etc. at the start of the application.

•Wrote Struts action servlets throughout the application.

•Responsible for validating and checking the GUI functionality.

•Implemented and updated the database tables, packages, procedures, functions, and views using Oracle.

•Wrote complex procedures and functions in the Oracle database.

•Involved in SIT, UAT environment and deployed the application in various environments.

•Used waterfall model for the application.

•Used ANT as a build and deployment tool. Created a custom form and workflow for managing applications that are not connected to IdentityIQ.

•Developed and deployed custom Connectors/Rules for SailPoint.

•Reviewed test plans created by the quality assurance team and offered feedback and insights into how to perform testing more efficiently.

•Partnered with the security team on Identity governance audits and processes.

•Guided application Owners on best practices and standardization when tying applications into IAM systems.

•Supported various projects, life cycle management, directory services, and security integrations.

•Created exclusion rules and pre-delegation rules for certifications.

•Customized email templates to make sure they are client specific with body and branding.

EDUCATION

Bachelor of Technology in Computer Science at Jawaharlal Nehru Technological University, Hyderabad in 2016


