Hands-On Compliance Manager
Resume:
NASHRA MAHVISH
**************@*****.***
PROFESSIONAL SUMMARY:
SailPoint Consultant/Developer with 9+ years of experience in Identity and Access Management (IAM), specializing in SailPoint IdentityIQ (IIQ) implementation, integration, customization, and administration. Expertise in Identity Governance and Administration (IGA), User Lifecycle Management, Role-Based Access Control (RBAC), Access Certifications, Compliance Management, Workflow Automation, and Access Requests across multiple enterprise applications and platforms.
Extensive experience in SailPoint IIQ versions 7.x and 8.x, including implementation, configuration, migration, and upgrades.
Hands-on expertise in Provisioning, Deprovisioning, Account Aggregation, Identity Policies, Password Policies, Entitlement Management, and Compliance Manager.
Strong experience in SailPoint integration with Active Directory (AD), LDAP, JDBC, Workday, SAP GRC, SAP HANA, SAP Direct, Delimited Files, Azure AD, OKTA, and other enterprise applications.
Proficient in Connector Development, Lifecycle Management (LCM), Identity Lifecycle Events, Custom Event Handlers, Scheduled Tasks, and Custom Rules (Build-map, Customization, Escalation, Exclusion, and Connector Rules).
Expertise in REST APIs, BeanShell, Java, PowerShell, SQL, Spring Framework, and custom workflows, rules, approvals, and automation.
Configured and developed Aggregation, Correlation, Role Attestation, and Entitlement Attestation processes.
Strong knowledge of Single Sign-On (SSO), Multi-Factor Authentication (MFA), SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and WS-Federation.
Hands-on experience in SailPoint tool customization, report generation, and integration with target systems.
Designed and configured Business & IT Roles, Identity Refresh Processes, Provisioning Policies, and Certification Workflows.
Developed custom plugins for access requests and contractor account management.
Expertise in Compliance and Audit Readiness (SOX, GDPR, Privacy Standards), ensuring Access Reviews, Risk-Based Policies, and Identity Lifecycle Governance.
Configured and managed SailPoint Environments (DEV, QA, PROD, DR), including Performance Tuning, Troubleshooting, and System Optimization.
Experience in Aggregation, Workflows, Quick Links, Approval Workflows, Reports, and Scheduled Jobs.
Integrated Azure AD with SailPoint for SSO and user access to Linux servers.
Hands-on experience in developing RESTful web services for data import, validation, and API-driven provisioning.
Developed, tested, and deployed custom workflows, rules, and policies for advanced identity governance and provisioning solutions.
Proficient in handling different file formats (Text, CSV) and designing data import processes.
Hands-on experience in Manager Certification, App Owner Certification, and Entitlement Owner Certification.
Configured and developed SailPoint Lifecycle Events (LCM), Scheduled Jobs, Event Handlers, Access Policies, and Approval Workflows.
Developed pre- and post-provisioning custom rules and tasks to enhance automation.
Expertise in IAM migration projects, ETL processes, and validation strategies with extensive testing and user acceptance validation (UAT).
Experience in Customizing Workflows for Provisioning and De-Provisioning across internal and external systems.
Configured Password Manager, Compliance Manager, and Integration Modules for IdentityIQ environments.
Strong hands-on knowledge of IDAM (Identity and Access Management) and IdentityIQ Administration for managing Identity Lifecycle and Password Management.
Involved in multiple upgrades from IdentityIQ 7.x to 8.x, ensuring seamless migration and system stability.
Designed and implemented data import processes for validating access levels from internal and external target sources.
Developed custom rules like Escalation, Exclusion, and Connector Rules for complex IAM scenarios.
Well-versed in Active Directory, LDAP protocols, and database systems like SQL Server, Oracle, and MySQL for seamless integration.
Worked under Agile/Scrum methodologies, ensuring continuous process improvements, automation, and security compliance.
Led UAT, Post-Production Support, Bug Fixes, and Re-engineering efforts to enhance system performance and security.
EDUCATION:
MS in Information Quality
University of Arkansas at Little Rock, United States Jan 2019 – Dec 2020 GPA: 3.8/4.0
Bachelor of Technology in Computer Science
Jawaharlal Nehru Technological University (JNTUH), India Jul 2010 – Jun 2014 GPA: 7.5/10
CERTIFICATIONS:
SailPoint IdentityIQ Certified Developer
SailPoint IdentityIQ Certified Consultant
SailPoint IdentityNow Certified Professional
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Identity and Access Manager (CIAM)
AWS Certified Security – Specialty
Microsoft Certified: Azure Security Engineer Associate
TECHNICAL SKILLS:
IAM & Governance
SailPoint IdentityIQ (IIQ), IdentityNow, Identity Governance and Administration (IGA), Role-Based Access Control (RBAC), Segregation of Duties (SoD), User Provisioning & Deprovisioning, Access Governance, Privileged Access Management (PAM)
Authentication & Access Control
Single Sign-On (SSO) – Okta, Ping Identity, Azure AD, Multi-Factor Authentication (MFA) – SAML, OAuth, OIDC, WS-Federation, CyberArk, BeyondTrust, Active Directory, LDAP, Zero Trust Security
SailPoint Customization & Integrations
Connector Development (JDBC, SAP Direct, Workday, REST APIs, SCIM), Custom Rules, Lifecycle Manager (LCM), Custom Workflows, Account Aggregation, Application Onboarding, Access Request & Approval Workflows
Programming & Scripting
Java, BeanShell, JavaScript, XML, JSON, REST APIs, PowerShell, Python, SQL
Database & Middleware
Oracle, MySQL, Microsoft SQL Server, PostgreSQL, MongoDB
Cloud & DevOps
AWS IAM, Azure AD IAM, Kubernetes, Docker, Jenkins, Ansible, Terraform, CI/CD Pipelines
Compliance & Security
SOX, GDPR, HIPAA, PCI-DSS, NIST, ISO 27001, Data Privacy & Protection, IAM Audit & Compliance Reports
Operating Systems & Environments
Windows Server, Linux (Red Hat, Ubuntu), UNIX, MacOS
PROFESSIONAL EXPERIENCE:
SERVICENOW – SANTA CLARA, CA
NOV 2023 – PRESENT
SAILPOINT CONSULTANT / DEVELOPER
Job Responsibilities:
Configured organizational, business, and IT roles to manage various application entitlements effectively and implemented Role-Based Access Control (RBAC) from scratch, ensuring enforcement of least privilege security principles.
Integrated SailPoint IdentityIQ (IIQ) with Active Directory (AD), Workday, SAP, OKTA, CyberArk, Salesforce, and JDBC, enabling seamless user lifecycle management (LCM), access request approvals, custom workflows, and provisioning policies.
Developed and managed SailPoint Connectors (AD, JDBC, Workday, SAP, PeopleSoft, LDAP, RSA, Delimited File) for streamlined integration across multiple enterprise applications.
Designed and implemented Identity Governance and Administration (IGA) solutions, including Access Certifications, Segregation of Duties (SOD) Policies, Compliance Manager, and Role Mining to enhance security and regulatory compliance (SOX, GDPR, PCI-DSS).
Configured Lifecycle Events (Joiner, Mover, Leaver, Contractor Extension/Conversion) using SailPoint Accelerator Pack, ensuring automated provisioning and deprovisioning processes.
Developed custom SailPoint rules (Build-map, Customization, Exclusion, Escalation, Connector Rules) and configured Entitlement & Role Attestation workflows to enhance identity governance.
I possess a deep understanding of the full user lifecycle in Saviynt, including onboarding, access requests, role management, and offboarding. I am adept at configuring Saviynt to automate these processes, ensuring that new users are correctly provisioned with the necessary access while minimizing the risk of access misconfigurations.
Implemented Privileged Access Management (PAM) solutions, including CyberArk, ensuring secure access control to critical systems.
Developed and customized SailPoint UI forms, quick links, certification workflows, approval processes, and email templates for user access management.
Automated task scheduling, data feeds, and aggregation processes using PowerShell, SQL, Java, and BeanShell, improving efficiency in identity refresh, compliance reporting, and access request management.
Configured and managed Single Sign-On (SSO), Multi-Factor Authentication (MFA) solutions with Okta, Ping Identity, and Entra ID (Azure AD) for authentication and access management.
Led Sprint Planning, Agile Scrum meetings, and Incremental Enhancements, ensuring timely delivery of IAM features and collaboration with cross-functional teams.
Provided post-production support, system performance tuning, and monitoring of SailPoint IdentityIQ (IIQ) PROD servers, ensuring optimal system uptime and compliance.
Developed custom APIs and web services (REST/SOAP, SPML) for data imports, validation, and API-driven provisioning.
Created custom plugins and automation scripts for access requests, contractor account management, and reconciliation processes, improving operational efficiency.
Designed and enforced certificate policies, Identity Attribute Mappings, and Identity Cubes, ensuring compliance with IAM security standards.
I have extensive hands-on experience with Saviynt, specializing in identity governance and administration (IGA). My expertise includes configuring and managing Saviynt’s identity management workflows, ensuring seamless integration with multiple applications and systems, including Active Directory (AD) and Azure AD.
Managed and administered Entra ID (Azure AD) for authentication, authorization, and user lifecycle management, ensuring seamless IAM operations.
Configured Audit & Compliance Reporting in SailPoint IdentityNow (IDN) & IIQ, supporting access reviews, risk-based policies, and security audits.
Provided technical design documentation, knowledge transfer, and post-production support, ensuring smooth implementation and system stability.
Hands-on experience with IAM migration projects, ETL processes, custom rules development, and validation strategies, ensuring smooth transitions and regulatory compliance.
CARDINAL HEALTH – DUBLIN, OHIO FEB 2021 – OCT 2023
IAM ENGINEER / SAILPOINT CONSULTANT
Job Responsibilities:
Led the modernization of IAM solutions in collaboration with Deloitte's cybersecurity team to enhance security and access control.
Designed, implemented, and managed SailPoint IIQ (v7.x & 8.x) and IDN solutions for access governance, user provisioning, RBAC, and compliance (SOX, HIPAA, GDPR).
Developed and optimized Joiner-Mover-Leaver processes, contractor conversions/extensions, and automated access request workflows to improve operational efficiency.
Integrated SailPoint IIQ with Active Directory (AD), Azure AD, Okta, CyberArk, SAP GRC, SAP HANA, Workday, ServiceNow, Salesforce, and JDBC for seamless identity synchronization and automated provisioning.
Secured privileged accounts by integrating CyberArk with SailPoint, ensuring secure credential vaulting and privileged session monitoring.
I have a strong background in configuring Saviynt to connect and manage various applications, including provisioning and de-provisioning access to systems like Office 365 (O365). My experience includes troubleshooting integration issues and ensuring smooth communication between Saviynt and connected systems such as AD or Azure AD for both new user onboarding and ongoing user lifecycle management.
Designed and enforced Access Certifications, Entitlement Reviews, Compliance Manager, Role Mining, and SoD policies, ensuring audit readiness and mitigating access risks.
Developed custom workflows, rules, event handlers, and LCM configurations, including Build-map rules, Customization, Escalation, Exclusion, Connector Rules, and Role Attestation Workflows.
Designed custom plugins and REST APIs for advanced provisioning and access request automation.
Configured and managed SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and WS-Federation for SSO integrations with Okta, Ping Identity, and Azure AD (Entra ID), while implementing MFA solutions to strengthen authentication security.
Designed RBAC models, Role Mining, Role Engineering, and Entitlement Structures to enforce least privilege access, along with dynamic ABAC policies for enhanced access controls.
Conducted security assessments, risk analysis, and compliance audits to ensure alignment with SOX, HIPAA, PCI-DSS, and NIST security frameworks, implementing identity analytics and risk-based access policies to detect and mitigate security threats.
Monitored and optimized SailPoint IIQ & IDN performance, ensuring high availability, scalability, and system efficiency, while managing Oracle, SQL, Sybase, and LDAP directories for optimized IAM data synchronization.
Led SailPoint IIQ upgrades from v7.x to v8.x and migration projects with zero downtime, automating Active Directory Group Provisioning/Deprovisioning for improved identity lifecycle management.
Led Sprint Planning, Agile/Scrum meetings, and incremental IAM enhancements, while providing mentoring and training on SailPoint IIQ, IAM best practices, and compliance management.
CLIENT: AXIS BANK, MUMBAI, INDIA SEP 2016 – DEC 2018
SAILPOINT IDENTITY IQ/IAM DEVELOPER
Job Responsibilities:
Installed, configured, and customized SailPoint IdentityIQ (IIQ) and IdentityNow (IDN), including modules like Manage Access, Manage Identity, Certifications, and Compliance Manager to meet banking security and regulatory requirements.
Designed and implemented custom workflows, provisioning policies, approvals, and role-based access controls (RBAC) to ensure automated identity lifecycle management.
Integrated SailPoint IIQ with Active Directory (AD), LDAP, JDBC, Azure AD, Okta, CyberArk, Workday, ServiceNow, and SAP GRC for seamless user provisioning, deprovisioning, and entitlement management.
Developed and customized Beanshell, Java, and REST API integrations to automate user access requests, approvals, and compliance reporting.
Strong knowledge of Privileged Access Management (PAM) solutions, including CyberArk, securing privileged accounts and integrating them with SailPoint for vaulting and session monitoring.
Configured Segregation of Duties (SoD) policies, entitlement management, risk-based access certifications, and access recertifications to meet SOX, GDPR, and PCI-DSS compliance standards.
Developed custom rules (Build-map, Customization, Escalation, Exclusion, and Connector Rules) to support access provisioning, role mining, and entitlement reviews.
Proficient in Core Java, BeanShell scripting, JavaScript, XML, and SQL to develop custom connectors, reports, and IAM automation solutions.
Led IAM security assessments, risk analysis, and audit reviews to enhance governance, risk management, and compliance.
Managed password policies, identity synchronization, and multi-factor authentication (MFA) enforcement across enterprise applications.
Onboarded applications using direct connectors (Delimited, JDBC, AD, Web Services, LDAP) and performed integrations with Linux, RDBMS, and SaaS applications.
Implemented IAM solutions for joiner, mover, and leaver processes, including contractor conversions, access extensions, and automated terminations.
Designed and implemented attribute mappings between SailPoint and Linux servers for accurate synchronization of user data.
Configured SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and WS-Federation for SSO authentication with enterprise applications.
Developed custom plugins, scheduled tasks, lifecycle event handlers, quick links, approval workflows, and custom reports for enhanced IAM visibility and analytics.
Integrated ServiceNow for automated access requests, ticketing workflows, and compliance tracking.
Automated IAM system deployments, upgrades, and patches using shell scripting, Ansible, and CI/CD pipelines.
Designed and implemented federation services using IBM ISVA Federation to enable cross-domain authentication and secure user access.
Configured and managed IAM environments (DEV, QA, PROD, DR), including performance tuning, log analysis, and troubleshooting to ensure system high availability and reliability.
Provided post-production support, knowledge transfer, and training to IAM teams on SailPoint, Identity Governance, and Role Engineering best practices.
Developed and maintained XML schemas and transformations for seamless data exchange between integrated enterprise applications.
Implemented real-time synchronization of identity and access data across applications using APIs and message queues.
Ensured compliance with banking regulations and security best practices, applying patches and updates to IAM systems hosted on Linux and Windows servers.
Led Sprint Planning and Agile/Scrum meetings and coordinated with stakeholders to gather functional requirements, optimize workflows, and align with business security policies.
CLIENT: Accenture/MORGAN STANLEY, India. JUNE 2014 – AUG 2016
HYDERABAD, INDIA
SAILPOINT CONSULTANT / DEVELOPER
Role and Responsibilities:
Configured organizational, business, and IT roles to manage entitlements effectively, implementing RBAC and enforcing least privilege security principles.
Collaborated in a Scrum environment to deliver SailPoint IdentityIQ solutions, leading sprint planning, stand-ups, and retrospectives. Developed and deployed custom workflows, provisioning policies, and access certifications using Agile methodologies.
Supported SOX, Privacy, GDPR, PCI-DSS compliance by implementing security measures and generating compliance reports.
Managed Identity Cubes, Identity Attribute Mappings, LCM, LCE workflows, and Segregation of Duties (SoD) policies.
Troubleshot production issues, quickly resolving complex problems and adapting to new technologies for SailPoint IdentityIQ integration.
Interacted with clients to gather requirements, aligning solutions with IAM best practices. Developed Java-based workflows, rules, and provisioning logic.
Optimized SailPoint components and integrated with relational databases (SQL Server, Oracle, MySQL) for performance and scalability.
Built and maintained connectors between SailPoint and enterprise databases for seamless identity management and synchronization.
Monitored IIQ and PROD servers, managing system health and performance, proficient in ServiceNow incident management and change management practices.
Implemented CI/CD pipelines with DevOps teams for automated deployment and updates of SailPoint systems.
Integrated SSO, MFA, and Active Directory (AD) for seamless user access management and productivity.
Developed Business and IT roles in line with InfoSec and HR requirements. Provided use cases and business process documentation for role management and provisioning processes.
Worked with connectors (Active Directory, PeopleSoft, Workday, Salesforce) for streamlined identity management. Configured SoD policies and customized policy violation processes.
Led SailPoint IIQ implementation for a large-scale banking project, automating processes for 100,000+ users.
Integrated SailPoint IIQ with Azure AD, LDAP, Okta, and Radiant Logic for unified access control and data synchronization.
Designed and implemented SailPoint workflows for user provisioning, integrating with Active Directory (AD) groups.
Built Java-based custom connectors for legacy systems and integrated applications like Salesforce and ServiceNow within SailPoint.
Enhanced IGA (Identity Governance and Administration) by integrating system logs with centralized monitoring for better compliance reporting and risk management.
Managed Privileged Access Management (PAM) using CyberArk and developed Unix Shell scripts for task automation and monitoring system performance.
Managed IAM workflows for provisioning, de-provisioning, and access requests, ensuring compliance with policies.
Integrated Multi-Factor Authentication (MFA) and enforced policies to enhance security across identity management processes.
Designed and optimized database schemas, SQL queries, and ETL processes for scalability and performance.
Conducted risk assessments, implemented mitigation strategies, and mentored junior team members on SailPoint IdentityIQ and IAM best practices.
Contact this candidate