Access Management Risk
Resume:
Rajiv Shah
********@*****.***
Roanoke, Texas
https://www.linkedin.com/in/rajiv-s-80839937/
Professional Summary
Bachelor's degree with 11+ years of IAM IGA Security Operations Lead in IT Security, Application Security, providing ongoing training to Team, SOX Compliance and Control Execution, assessing and reporting on risks, Discuss team performance and Planning, continuous process improvement and Privileged Access Management Administration, Active Directory and Azure AD services.
•Led IAM Developer Operations Team with Application Development, Incident response, Request Management/Fulfillment, Testing, Root Cause Analysis, Governance, Risk Management, and Compliance.
•Authentication and Authorization Frameworks, design and implementation of Lifecycle and Access Strategies leveraging the IGA tool to implement the Firm’s Information Security policy
•Knowledge and worked on of risk control frameworks such as NIST, ISO
•Strong experience in IAM GRC frameworks; enterprise risk management, internal audit, regulatory compliance management, policy management, Privilege Access Management.
•Strong knowledge of IAM Policies, RBAC, PBAC, SOX Audit (Internal/External), IGA, Process, SSO, SAML Documentation, establishing/analysing IAM controls, and Privilege Access Management.
Certifications
CyberSecurity Introduction and Terminology (Feb 2025)
•Introduction to ITIL V4 (Jan 2025)
•(ISC)2 Security Within Zero Trust (ISC2-CISSP) from ISC2 (Jul 2024)
•Defining the Boundaries of Zero Trust ISC2 Candidate from ISC2 (Jul 2024)
•Cyber Security Key Concepts for Legal Aid Groups, Non-Profits, Pro Bono and Law Firms, GlobalCISO Leadership Foundation (Jul 2024)
•HIPPA Certification (Aug 2024)
Security Tools & Technical Skills
•RSA Archer for SOX
•Qualys for Vulnerability and Incidents monitoring
•Protecting users’ data using Varonis for Data protection
•SailPoint, HITACHI, OneIdentity, AD, for IGA and PAM
•BMC BladeLogic for Server compliance
Professional Experience
Infosys Client: LPL, Remote Jan 2024 to Jun 2024
IAM Technology Lead: ForgeRock Migration
•As a Scrum Master I Guided my Team with Several Agile Team in Program Increment (PI) planning, Business Control Process Design, and implement, test, and release Finance software as per the organisation budget and resource planning, policy and SOX controls
•Established policies for user access, authentication, provisioning, and de-provisioning based on best practices and compliance requirements
•Internal audit, SOX, information technology authentication and authorisation architecture and Lead with a team of 4 engineers for client LPL for application migration from on Prem to SSO, SAML Idp initiated workflow on AWS – ForgeRock applications
•Provided leadership in complete migration of applications for the team
•Architecture of on-boarding of multiple applications with Single Sign-On using CIAM solution.
Infosys Client: Ulta Beauty Apr 2023 to Dec 2023
Identity Access Management Operation Engineer
•Worked on One Identity and Active Directory managed user onboarding to offboarding and auditing for daily updates on IT infrastructure
•Providing ongoing customers support to provision access using established organisational processes.
•Align UAM concepts with the IT Framework, including security and developing appropriate audit controls, Continuous Monitoring and procedures to ensure the integrity of SAP HANA applications.
•Implement Continuous Improvement, Report and Remediate Non-Compliance Issues.
•Responsible for protecting, saving SOX - SAP HANA applications, data, and systems from unauthorized access while managing the identities, and access rights of users within and outside the organization.
Infosys Client: TOYOTA Mar 2021 to Mar 2023
IAM/Scrum Master/SOX Control Coordinator
•Lead a team of SailPoint identity and access management application solutions for governance.
•Managed IT Governance, IT SAP ERP Application Controls, IT System Development, Project Management, Cloud Computing, Risk Management, Compliance, and Audit Fields.
•Managed concurrent SOX projects using Agile methodology, aligning resources, and removing roadblocks to ensure deadlines.
•Providing evidence to Archer for Internal auditing and external auditing in operational information technology systems.
•Identify the risks and/or gaps and suggest possible improvements.
•Managing Certification using SailPoint IIQ for Audit.
•Migration from on prem application to Azure - for B2C and B2E customers (different team withing Toyota).
•Collaborate with all levels of business, technical and architectural leadership actively deploying solutions - utilizing Azure AD, Azure B2E, and Azure B2C
•Develop and maintain technical documentation of testing results.
•Prepares Azure application certification list which expires weekly/monthly for timely renewal of the certificate and proactive communication with respective IAM teams.
Infosys Client: Ralph Lauren Aug 2019 to Nov 2020
IAM Technology Lead
•Managed Identity Governance and Administration (IGA) – users, applications, and data.
•Provided IAM Access Management, Recertification, and PAM (Hitachi) Solutions, Audit, User Provisioning, Group Management, SSO Management
•Managed the Varonis Application (Data Advantage and Data Privilege) Role Base Access Control (RBAC /ABAC approach), Role Assignments, User Analytics Behaviour.
•Managed Varonis Collector, and IDU Configuration communication Integrate Collectors with File Servers
•Upgraded Varonis in a large environment (Including Varonis version upgrade/patch)
•Access and Security Solution with Active Directory Admin, GPO and DNS (Internal, External) Admin, ADFS, SSO, MFA.
•Created SSL (.csr, der, pfx, PEM) Certificate, PowerShell scripting.
AIG, Fort Worth, TX Nov 2012 to Oct 2018
IAM Senior Security Engineer
•Using SailPoint application - provisioning and Deprovisioning identity, and Identity access management solutions for governance.
•Qualys Vulnerability assessment and monitoring
•Managed Privileged Access Management (PAM), and Control Access (Architecture, Compliances, Policy).
•Audit Reporting and LifeCycle included Access Request, Provisioning, Password Management.
•Privilege - user login, User vaulting, analyzing password recorded session, alerts and took appropriate actions, analyzing as is to make recommendations for improvement and working with the team on assigned project tasks.
•Process improvements utilizing Identity and Access Management platforms.
•Managed, administered, and operated a Microsoft Active Directory structure in Windows 2003, 2007, 2012.
•Worked with Security Audit and Server Compliance tools like BMC Blade Logic.
•Generated report for network-based vulnerability scans using Qualys Guard, for Network vulnerability assessments to identify vulnerabilities or confirm compliance to security standards (Using Qualys).
Contact this candidate