IAM Engineer with SSO, MFA & Federation Expertise

NARAYANA VAKA

Denton, TX +1-945-***-**** ********.****@*********.*** LinkedIn

PROFESSIONAL SUMMARY

Results-driven IAM Engineer with 4+ years of experience designing and implementing identity and access management solutions across healthcare and enterprise environments. Skilled in SailPoint IdentityNow, Okta, CyberArk, Azure AD, and Active Directory, with strong expertise in SSO, MFA, RBAC, and identity lifecycle automation. Proven track record in improving security, reducing provisioning time, and ensuring SOX, HIPAA, and GDPR compliance. Adept at integrating IAM systems, automating workflows, and enhancing access governance in hybrid cloud environments. TECHNICAL SKILLS

Identity & Access Management (IAM): SailPoint Identity Now, Identity Lifecycle Management (Joiner-Mover-Leaver), Access Provisioning & Deprovisioning, Identity Governance & Administration (IGA), Access Certifications, Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC) Directory Services & Identity Platforms: Microsoft Entra ID (Azure AD), Active Directory, Azure AD Connect, ADFS, LDAP Authentication & Federation: Single Sign-On (SSO), Multi-Factor Authentication (MFA), SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), Ping Identity, Okta Privileged Access Management (PAM): CyberArk (Safes, PSM, Credential Rotation, Privileged Account Onboarding) Automation & Scripting: PowerShell, Python, API Integrations, Workflow Automation Cloud & Hybrid Identity: Hybrid Identity Architecture, Cloud IAM Integrations, Federated Access Management Governance, Risk & Compliance (GRC): SOX, HIPAA, GDPR, Access Reviews, Audit Support, Compliance Reporting Tools & Integrations: ServiceNow, HRMS, ERP, CRM Systems, VPN, VDI Security & Operations: Least Privilege Access, Zero Trust Security Principles, Identity Threat Mitigation, Incident Troubleshooting (SSO/Federation), Log Analysis & Debugging

PROFESSIONAL EXPERIENCES

IAM Engineer

Humana USA Jan 2024 - Present

Engineered and administered SailPoint IdentityNow for identity lifecycle management, provisioning, governance, and certifications across 150+ applications, strengthening access controls, compliance readiness, and security in a regulated healthcare environment.

Designed and automated Joiner-Mover-Leaver workflows in SailPoint IdentityNow by integrating Active Directory, Azure AD, and ServiceNow, reducing provisioning turnaround time by 70% and improving access assignment accuracy for enterprise users.

Designed, implemented, and optimized Role-Based Access Control models aligned with least-privilege principles, reducing excess access, improving entitlement governance, and supporting secure access across business and healthcare-related systems.

Managed enterprise-wide access review and certification campaigns to support SOX and HIPAA compliance, achieving 98%+ completion rates and driving timely remediation of inappropriate or excessive access.

Administered 200+ privileged accounts in CyberArk by configuring safes, enforcing password rotation, and monitoring privileged sessions through PSM, strengthening privileged access security and improving audit readiness.

Integrated and supported Okta SSO and MFA solutions, and developed PowerShell and Python automation for Active Directory administration, reporting, and API-based IAM integrations, reducing login incidents by 45% and improving operational efficiency.

Partnered with security, infrastructure, and application teams to enforce identity governance policies, streamline onboarding and offboarding processes, and improve control over access to sensitive healthcare and corporate systems.

Supported audit and compliance initiatives by preparing access control evidence, tracking remediation activities, and helping maintain adherence to internal security standards and regulatory requirements. IAM Engineer / Analyst

Tata Consultancy Services (TCS) Bangalore, India Feb 2021 - Nov 2022

Managed hybrid identity infrastructure across Microsoft Entra ID (Azure AD), on-prem Active Directory, Azure AD Connect, and ADFS, enabling secure and reliable identity synchronization and federated access.

Implemented SSO and MFA using Microsoft Entra ID, Ping Identity, and NPS for 40+ enterprise applications, strengthening authentication security and improving user access experience.

Integrated SAML 2.0, OAuth 2.0, and OpenID Connect-based authentication for business-critical applications, supporting secure federated access across cloud and on-prem environments.

Automated user provisioning and deprovisioning workflows using PowerShell and Python, reducing manual effort by 50 percent an d improving accuracy of identity lifecycle management.

Integrated IAM services with HRMS, ERP, CRM, VPN, CyberArk, and VDI platforms to support centralized Joiner-Mover-Leaver processes and access governance.

Led MFA migration for external-facing systems, improving authentication security and reducing exposure to identity-based threats.

Configured and administered CyberArk PAM, including privileged account onboarding, credential rotation, and session monitoring to strengthen control over sensitive access.

Supported SOX, HIPAA, and GDPR compliance through access certifications, RBAC enforcement, and audit preparation, contributing to stronger governance and audit readiness.

Troubleshot and resolved SSO and federation incidents using log analysis, API debugging, and token inspection, helping maintain service continuity and reduce authentication-related disruptions.

IAM Engineer

Genpact India Jun 2020 - Jan 2021

Engineered and supported enterprise IAM solutions across hybrid environments using PingFederate, Microsoft Entra ID (Azure AD), and ADFS to deliver secure identity federation, centralized authentication, and reliable access management for business-critical applications.

Implemented Single Sign-On integrations for internal and client-facing applications using SAML 2.0, OAuth 2.0, OpenID Connect, and LDAP, improving secure access, authentication efficiency, and user experience.

Strengthened access security by deploying Multi-Factor Authentication, Role-Based Access Control, and Attribute-Based Access Control to enforce least- privilege access and support Zero Trust security requirements.

Automated identity lifecycle management processes including provisioning, deprovisioning, role updates, and access reviews using PowerShell, Python, and workflow-based automation, improving operational efficiency and reducing manual effort.

Managed hybrid identity operations by maintaining synchronization between on-premises Active Directory and Microsoft Entra ID, troubleshooting authentication and access issues, and ensuring accurate identity and entitlement management.

Supported IAM governance and service delivery by monitoring logs, resolving L2/L3 incidents, remediating security findings, and contributing to compliance initiatives aligned with NIST, ISO 27001, and GDPR requirements. EDUCATION

University of North Texas, Denton, TX

Master of Science in Computer Science Jan 2023 – Dec 2024

Contact this candidate