Access Management Active Directory

Location: Irving, TX, 75062
Salary: 120000
Posted: March 11, 2025

Resume:

Pratyush Khatiwada

720-***-****

*******************@*****.***

Professional Summary:

IAM Developer with over 7 years of experience in Identity and Access Management (IAM), specializing in SailPoint IdentityIQ (IIQ) and SailPoint IdentityNow.

Proven expertise in designing and implementing robust IAM solutions across cloud and on-premises environments.

Proficient in integrating and managing Active Directory, Azure AD, and CyberArk for comprehensive identity lifecycle management.

Skilled in developing custom connectors, automating workflows, and creating scalable access controls to enhance security posture and operational efficiency.

Strong background in Java, BeanShell, and PowerShell scripting for process automation and system integration.

Adept at collaborating with cross-functional teams to align IAM strategies with business objectives and ensure regulatory compliance.

Demonstrated success in leading system upgrades, optimizing performance, and providing end-user training to drive adoption of IAM best practices.

Developed and configured SailPoint IdentityIQ workflows to automate provisioning and de-provisioning, reducing manual errors and streamlining user lifecycle management.

Integrated IdentityIQ with Azure AD and CyberArk to enhance security and simplify privileged access management across cloud and on-premises environments.

Implemented automated certification campaigns and custom SoD policies, reducing audit preparation time and ensuring compliance with GDPR and SOX requirements.

Configured role-based access controls (RBAC) to align with organizational governance policies, achieving a reduction in unauthorized access incidents.

Designed and deployed custom user access review dashboards in IdentityNow, providing real-time visibility into compliance statuses and reducing audit review times.

Generated detailed reports for access certifications, improving transparency and audit readiness for HIPAA-regulated environments.

Customized SailPoint forms and connectors to support business-critical applications, enabling faster onboarding and reducing request processing time.

Developed Java and BeanShell scripts to automate high-volume identity tasks, enhancing operational efficiency and minimizing system downtime.

Collaborated with cross-functional teams to define RBAC policies, ensuring alignment with security standards and business requirements.

Led system upgrades and patch management for SailPoint IIQ, maintaining system reliability and up-to-date security protocols.

Education:

Master of Science in Cybersecurity, University of Denver, Denver, CO

Technical Skills:

IAM Platforms: SailPoint IdentityIQ (IIQ), SailPoint IdentityNow, Okta, CyberArk, ForgeRock Identity Platform

Authentication Systems: Active Directory, Azure AD, LDAP, Red Hat Directory Server

Security Standards: SAML, OAuth, OpenID Connect, SCIM, WS-Federation, WS-Trust, Kerberos, TLS/SSL

Programming & Scripting: Java, BeanShell, PowerShell, JavaScript, Python, Shell Scripting, SQL, XML, JSP

Web Technologies: J2EE, Hibernate, Spring, RESTful APIs, SOAP, HTML, CSS, XSLT

Application Servers: Apache Tomcat, JBoss, WebSphere, Docker, Kubernetes

Project Tools: JIRA, Confluence, ServiceNow, Git, Maven, Jenkins

Compliance & Governance: GDPR, PCI DSS, HIPAA, SOX, NIST Cybersecurity Framework

Access Concepts: Role-Based Access Control (RBAC), Least Privilege, Privileged Access Management (PAM), Segregation of Duties (SoD)

Professional Experience:

Tech Solutions Group – New York, NY April 2022 – Present

SailPoint Developer / IAM Analyst

Implemented and optimized a hybrid identity management solution using SailPoint IdentityNow and IdentityIQ, integrating with Active Directory and Azure AD for comprehensive identity provisioning across cloud and on-premises applications.

Designed and implemented customized workflows and forms in IdentityNow, streamlining identity lifecycle management and improving user experience for role changes and terminations.

Developed Java and BeanShell scripts to automate high-volume identity tasks, reducing manual errors and enhancing system reliability.

Configured and maintained connectors for critical systems including Active Directory, SAP, and Oracle, ensuring seamless identity synchronization across all platforms.

Implemented CyberArk for privileged access management, enhancing security measures for high-risk user groups and reducing potential vulnerabilities.

Designed and executed automated certification campaigns, significantly cutting audit times and ensuring regulatory compliance through regular access reviews.

Integrated ServiceNow with the IAM ecosystem to automate access request processing, resulting in faster ticket resolution.

Developed PowerShell scripts for efficient AD group management, optimizing user role assignments and group memberships.

Led system upgrades and patch management for SailPoint IIQ and IdentityNow, ensuring all systems remained current with the latest security protocols and features.

Collaborated with security teams to establish and enforce Segregation of Duties (SoD) policies, minimizing access conflicts and reducing risk.

Partnered with IT and business stakeholders to define and implement Role-Based Access Control (RBAC) policies aligned with organizational requirements and security standards.

Designed and implemented detailed reporting dashboards in IdentityNow, providing real-time visibility into certification statuses and access trends for compliance teams.

Conducted user training sessions and provided ongoing support for IdentityNow functionalities, resulting in increased user adoption rates and improved adherence to IAM best practices.

Developed custom connectors to expand IdentityNow's integration capabilities, enhancing IAM coverage across additional critical business applications and strengthening overall access control measures.

Technology Used: SailPoint IdentityIQ (IIQ), SailPoint IdentityNow, Active Directory (AD), Azure AD, CyberArk PAM, ServiceNow, Java, BeanShell, PowerShell, RESTful APIs, Oracle, SAP connectors, custom reporting in IdentityNow, SoD compliance tools, and User Access Review (UAR) dashboards.

FinTech Innovations – Chicago, IL Nov 2019 – Mar 2022

IAM Engineer

Configured SailPoint IIQ workflows to automate provisioning and de-provisioning for employees, reducing processing time and improving reliability.

Integrated Okta for Single Sign-On (SSO) and Multi-Factor Authentication (MFA), providing enhanced security for internal and customer-facing applications.

Developed and maintained custom Java-based connectors for LDAP and databases, ensuring real-time identity synchronization.

Configured RBAC frameworks to secure access for sensitive applications, resulting in a reduction in unauthorized access events.

Automated certification reviews for high-risk applications, reducing manual workload and maintaining audit compliance.

Built custom User Access Review (UAR) reports to monitor compliance and streamline audit preparations, meeting regulatory demands.

Partnered with business units to define clear access roles, refining IAM role definitions and increasing process clarity for end-users.

Customized access request forms within IIQ to support new business applications, enabling quicker onboarding for these systems.

Deployed scripts to automate repetitive IAM tasks, reducing operational workload and improving response time for access requests.

Coordinated with compliance teams to ensure audit readiness, regularly reviewing access policies and implementing required changes.

Conducted knowledge transfer sessions for junior team members, supporting the growth of IAM knowledge within the organization.

Developed dynamic dashboards for access review, allowing real-time tracking of user activity and access policy compliance.

Monitored IAM system health metrics and conducted root cause analysis on system errors to minimize downtime and enhance reliability.

Technology Used: SailPoint IdentityIQ (IIQ), Okta for SSO and MFA, LDAP, Active Directory (AD), Java, PowerShell, SQL, RBAC policies, and User Access Review (UAR) reporting for audit readiness.

Secure Health Network – Boston, MA Jan 2018 – Oct 2019

IAM Analyst / SailPoint Developer

Configured SailPoint IIQ to automate joiner, mover, and leaver processes, reducing delays in access provisioning for 5,000+ healthcare staff.

Integrated AD, Oracle, and other critical systems with IIQ to ensure real-time identity updates and reduce manual data entry requirements.

Customized BeanShell scripts to automate complex workflows, adapting to the unique access needs within healthcare environments.

Developed detailed reports for access certifications and SoD policies, improving audit readiness and transparency.

Integrated Okta MFA and SSO to enhance security across both cloud and on-premises healthcare applications.

Created UAR reports for ongoing compliance checks, ensuring adherence to HIPAA and other regulatory requirements.

Collaborated with IT teams to implement role-based access controls (RBAC), enforcing least privilege principles for healthcare roles.

Automated access review processes, reducing manual audit preparation time and improving efficiency for compliance teams.

Configured RESTful APIs for communication between SailPoint IIQ and external applications, streamlining data flow.

Led training sessions for internal teams on IIQ functionalities, providing in-depth guidance on system usage and IAM processes.

Conducted troubleshooting for IAM-related incidents, ensuring consistent workflow performance and system stability.

Documented all workflows and custom configurations to facilitate future IAM upgrades and audits.

Worked closely with compliance teams to enforce IAM policies, aligning workflows with regulatory requirements and governance policies.

Optimized AD integration with IIQ by creating custom scripts to manage large datasets, improving system responsiveness.

Technology Used: SailPoint IdentityIQ (IIQ), Active Directory (AD), Oracle, Okta MFA and SSO, BeanShell, RESTful APIs, healthcare application integrations, RBAC models, SoD compliance tools, and HIPAA-compliant UAR reporting.
