Saurabh Aggarwal

Sr. Business Analyst 662-***-**** adhvvn@r.postjobfree.com

SUMMARY:

•Over 8+ years of experience in the implementation and successful delivery of complex information systems within the Technology, Financial Services Industries, Publishing Company primarily focused on Identity and Access Management (IAM).

•Business Analysis: Skilled at running sessions with business users, stakeholders and subject matter experts and eliciting needs and translating those needs into concise functional and non - functional requirements and supporting the implementation of Identity Management and Access Governance and Administration solutions.

•Experienced in Analysing and implementing Segregation of Duties, Application access reviews, Audit and Compliance requirements, Role-Based Access Control (RBAC).

•Expert in defining Access Administration (Provisioning, de-provisioning), access enforcements (authentication protocols) and access governance (certification, Logging, and Monitoring) via JAD sessions.

•Have diversified experience spanning across integration, implementation and deployment of SailPoint IdentityIQ and Sun Identity

•Expertise in SailPoint lifecycle Manager, Compliance Manager and Access Governance modules.

•Management and Access Governance and Administration solutions.

•Good knowledge and understanding of SSO.

•Expert in defining Access administration (Provisioning, de - provisioning), access, enforcements (authentication protocols) and access governance (certification, Logging and monitoring).

•Experienced in validating all requirements, and separate key business requirements from wish lists.

•Experienced in Conducting JAD sessions, created Use Cases, workflows, screen shots and Power Point presentations for the Web Applications.

•Knowledge in IAM-related standards such as SAML, SOAP, LDAP, Open-ID, and OAuth.

•Experience to implement best practices for Data clean-up and stabilizing the system for optimization.

•Extensive experience in Role Mining, Entitlements Analysis, and Advanced Analytics.

•Test Planning and Management: Experienced in leading testing teams, test plans, test cases and execution of test cases in SIT, Integration and CAT/UAT environments

•Process Definition and Improvements: Data Analysis, Process Re-engineering, Process Strategy, design and Implementation

•Perform Information Assurance using Risk Management Framework (RMF) on submarine systems at shore facilities and their associated software and peripheral systems.

•Conducts Computer Software/hardware/systems information assurance analysis and verification IAW applicable standards

•Verifies requirements traceability into test planning

•SDLC & Methodologies: Strong end-to- end knowledge of traditional Software Development Life Cycle (SDLC) and Agile methodologies combined with hands-on IT experience.

•Cybersecurity or IT Experience (Identity and Access Management, Internal Threat Operations, Data Protection)

•Expertise in Sail point lifecycle Manager, Compliance Manager and Access Governance modules.

•A functional understanding of the following:

-NIST – Cybersecurity Framework

-NIST – 800-53 Security Controls

•Good understanding of SOX and HIPPA controls

•Well - versed with SDLC processes ranging from Waterfall to Agile methodology

•Proficient in planning and execution of projects in time critical environment

•Exceptional communication, people, documentation, analytical and problem-solving skills

•Strong organizational and documentation skills, proficient in MS Office Suite (MS Project, Excel, and PowerPoint)

•Able to simultaneously work on multiple tasks and projects in a fast-paced environment.

TECHNICAL SKILLS:

Programming Languages: C, C++

Business Modelling Tools: MS Visio, MS Project

Databases: MS Access, Oracle SQL, MS SQL Server, AD, VDS

Identity and Access Management: SailPoint IIQ, CyberArk, NetIQ, ITIM, Service Now

Requirement Management Tools: Requisite Pro, QC ALM, Version One

Packages: Adobe Acrobat Suite, Microsoft Office Suite

Project Methodologies: Waterfall, Agile, Scrum

Defect Tracking Tools: QC ALM, JIRA

Other Skills: Outlook, Lotus Notes, Share Point, HP-ALM

EDUCATION DETAILS:

Master of Science -Wayne State University, Detroit, MI

Bachelor of Technology-Jaypee University, India

CERTIFICATIONS:

PMP Certified

PROFESSIONAL EXPERIENCE:

Citizens Bank, Johnston, RI Oct 2017 to Till Date

Sr. Business Analyst Responsibilities:

•Served as a Liaison between business group and technology teams to have clear understanding of the business needs

•Created Business Requirements Document (BRD) for SailPoint IIQ implementation

•Created detailed Business Process Flows for SailPoint IIQ implementation

•Created Functional Requirements Document (FRD) for on boarding Authoritative Applications onto SailPoint IIQ

•Created Functional Requirements Document (FRD) for on boarding Target Applications onto SailPoint IIQ

•Created detailed Use Cases for an application on boarding onto SailPoint IIQ

•Worked closely with the architects/developers by giving key inputs to develop Technical Design Document (TDD)

•Created Requirements Traceability Matrix (RTM)

•Worked with the developers to Configure Application Definition (Details, Schema & Correlation) and test connections in SailPoint IIQ

•Assigned identity to service/functional accounts (Non-Correlated) in SailPoint IIQ

•Worked with the developers to configure and run tasks in SailPoint IIQ

•Created Business and IT Roles in SailPoint IIQ

•Worked with the developers to configure identity mapping and Account mapping in SailPoint IIQ

•Created Policies (SOD, Account, Activity & Advanced) in SailPoint IIQ

•Validated Identity cubes in Identity Warehouse to make sure Identity Attributes, Application Account Attributes, Roles, Entitlements and Policy violations for the identity are aggregated and populated in SailPoint IIQ

•Validated attributes marked as Entitlements for a particular application are populated in the Entitlement Catalog

•Identification of department unique cyber security gaps.

•Champion and guide different departments to successfully adopt and adapt processes and procedures to ensure compliance with corporate information security policies through a multi-year roadmap.

•Excellent communication skills and ability to build consensus and establishing collaboration with team members from every department.

•Development of cyber security risk assessments

•Participation in the planning and execution of a corporate incident response team for a detected incident

•Assist in developing cyber security educational material

•Demonstrated initiative to remain current with technical cyber security changes.

•Participate in evaluating proposed projects, software vendors, and business practices for potential cyber concerns, and assist in the development of policy and procedure to address the concerns

•Participate in strategic planning to address emerging security threats and enhance the company’s cyber posture

•Worked with the developers to configure Access Certification

•Worked with the developers to configure customized Lifecycle Events, Business Processes and Life Cycle Manager in SailPoint IIQ

•Dealt with large amount of data and ran multiple queries in SQL

•Documented User Acceptance testing (UAT) test cases to verify and validate each system specification and requirement with system design

•Worked jointly with development team and end users to make sure functionality of an application meets client requirements

•Created internal and ad-hoc Data reports for Identity attributes with the help of SQL queries

Allianz Life, Minneapolis, MN Aug ’15 - Oct ’17 IAM/IDM Analyst

Responsibilities

•Primarily involved in developing a prototype of the application as proof of concept (POC) for the business team and as a guideline for the development team.

•Interacted with various business team members to gather the requirements and Documented detailed proposals, functional and data business requirements, process flows, use cases, information needs, test scenarios, and obtain functional design specification approvals

•Interacted with various vendors like OKTA, Microsoft, and Computer Associates during POC and documented their pros and cons in line with the use cases.

•An integral part of the team in selecting the IAM tool. Captured and document AS-IS process and defined the future state with solution architect related to OKTA.

•Worked extensively on the Business Case and making sure all the granular details are captured and backed by the related matrix. Created power point presentation for business and IT stakeholders.

•Shared the related use cases with Vendors like CyberArk and recorded the results from the POC and made recommendations along with the team.

•Worked on getting the requirements for birthright applications and converting those requirements in user stories, created issues in JIRA as a centralized tool used by all the team members.

•Requirement gathering for password management and making sure the password complexities are strong and in conjunction with downstream applications like AS400, UNIX.

•Analyzed and documented decommissioning of current legacy systems as per the release approaches.

Bremer Bank, MN Feb '13 – Aug 15 IAM Business Analyst Responsibilities:

•Worked with the SME’s to develop Identity and Access Management (IAM) Program Framework

•Responsible to elicit high level IAM Business Requirements from key business and technology stakeholders

•Responsible to create Business Requirements Document (BRD)

•Created Requirements Traceability Matrix (RTM) in MS Excel

•Responsible for mapping requirements to IAM capabilities, SOX controls and PCI controls

•Held interviews and workshops with key business and technology stakeholders to assess current state IAM tools

•Responsible for current IAM tools to Framework mapping

•Identify and document detailed current major IAM Service Gaps (Gap Analysis) or deficiencies for processes, products and tools

•Worked with SME’s to develop Maturity Model for improving IAM maturity over time

•Worked with the SME’s and key stakeholders to assess current and target state maturity for each IAM capability in the Framework

•Worked with SME’s to prepare knowledge transfer document for Trusted Third Party Assessment

•Identified IAM functional areas in scope and involve in Trusted Third-Party market analysis for IAM

•Worked with the SME’s to define the future state of an IAM solution to adequately prepare for the build, test and implementation stages

•Responsible to develop IAM term glossary

•Worked with the IAM team to develop IAM Roadmap and Release Plan by identifying gaps between the current and future state and identifying initiatives for proposed future state solutions not available in current systems

•Involved in the RFP process for Identity Governance and Administration (IGA) Tool

•Involved in vendor demos for the IGA tool selection

•Worked with the SMEs and key stakeholders to create Proof of Concept Use Cases for the stakeholders to test the critical scenarios in the IGA tool

Fannie Mae, Reston, VA Jan’12– Feb 13

IAM Analyst Responsibilities:

•Work with business and solution owners to identify and maintain user role definitions

•Build partnerships with business units to ensure that business requirements continually inform Role Based Access Control program

•Serve as internal liaison for RBAC/IAM issues with representatives from application solution owners and Information Security

•Coordinate analysis of discovered user accounts for risk, ownership and access appropriateness

•Coordinate with application owners during UAT post RBAC deployment

•Manage and engage change network and conduct change impact assessment

•Work with stakeholders to understand their access needs and design access roles accordingly

•Coordinate on-going remediation efforts by working with stakeholders to determine ownership and appropriate corrective actions

•Define roles and resource groups for standardization as per client security standards

•Review active privileges in the system and conclude on creation/modification of roles

•Communicate requirements to stakeholders, manage conflicts, issues and challenges in order to ensure that stakeholders and project team members remain in agreement on solution scope

•Plan and monitor to determine which activities are necessary to identify relevant stakeholders

•Analyze and document business requirements and interfacing with system/platform owners

•Manage Role Based Access Control (RBAC) process lifecycle

•Responsible to create RBAC template for Windows, SQL, Oracle and UNIX platforms

•Analyze data pull (Service accounts, Sudo commands, Shares, Services etc.) from the platform team and clean up user access

•Create and run test cases and follow defect lifecycle management in HP Quality Center

•Involved in Provisioning Roles in Net IQ

•Involved in Provisioning RBAC Resource Groups in Active Directory and CyberArk Safe

•Involved in Provisioning RBAC Resource Groups in the server Local Groups

Contact this candidate