Location - King of Prussia, PA (Onsite from day - 1)
Coordinate with Business understand requirement and work with technical teams to define access management workflows. Should be able to identify access management workflow enhancements/improvements and work on them.
Follow SOP instructions for manual user access provisioning, de-provisioning, recertification.
Document End User and Service Account provisioning procedures, including bulk account provisioning, and in compliance with customer security policies, including:
• Develop a quick reference guide for the account provisioning SOPs. • Develop a quick reference guide for 3rd party managed applications. • Develop a guide capturing any exception approval processes for business applications • Develop list of target applications • Publish the quick reference guide to a customer central repository. • Obtain approval from the customer designated personnel. • Perform a quarterly review of the SOPs; and
Conduct awareness campaigns in support of OCM activities for End Users to increase SOP adoption rate, improve IAM capabilities and eliminate manual, error-prone access management procedures, including access requests, approvals, and reviews.
Perform account provisioning and delegated administration for both End User and Service Accounts, including:
• Track access requests using ServiceNow and Saviynt IAM system • Verify all approvals required to provide requested access have been obtained prior to account creation. • Perform user account provisioning in Active Directory and other LDAP directories as required. • Perform manual account provisioning for applications that are not enabled for auto provisioning. • Configure and modify auto provisioning workflows as required to optimize provisioning activities. • Configure and modify existing auto provisioning workflows when requested by customer -designated personnel. • Detect and remove stale, orphaned and duplicate accounts monthly, after first obtaining approval from customer. • Provide delegated administration privileges and support as required by customer; and • Create communications templates for customer approval, for use when sending emails to requestors or new employee managers as part of provisioning workflows.
Support access governance activities for applications integrated with Saviynt, including:
• Provide support as requested for the recertification process for all applications enabled with auto ID provisioning for temporary End Users. • As required by customer, provide periodic reports on which users have access to auto-provisioned Applications. • Ensure that proper access is enabled for all users in accordance with the feedback received from customer reviewers on the list described in paragraph (ii) above; and • Reconcile identities with identity status (i.e., active, inactive) between HR system and Saviynt
Maintain a base level of access administration knowledge of the specific business applications.
Conduct periodic reviews, as appropriate, to validate that individual employee and Service Account access to programs and libraries is appropriate for Provider-operated Systems, notifying Customer of any discrepancies promptly.
Perform de-provisioning processes daily for both End User and Service Accounts based upon customer-provided termination list.
Perform End User and Service Accounts clean up based on the accounts list shared by IT security compliance and Identity Governance team.
Develop and maintain the ability to de-provision End User and Service Accounts (emergency termination) within 3 hours of notification from customer.
Provide weekly, fortnightly and monthly status report.
Provide ad hoc reports as required to internal customer teams, including user access at organization or Application level, periodic end-to-end user reconciliation (e.g., match users and user access to HR System active users).
Proficiency in deploying and configuring access management tools and technologies, such as Active Directory, LDAP, Azure AD, Okta, SailPoint, CyberArk, etc.
Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS, SOX) and security frameworks (e.g., NIST, ISO 27001) related to access control and identity governance.
Excellent analytical and problem-solving skills, with the ability to assess complex access control issues, identify root causes, and propose effective solutions.
Effective communication and interpersonal skills, with the ability to collaborate with diverse stakeholders and articulate technical concepts to non-technical audiences.
Relevant certifications such as CISSP, CISM, CISA, CompTIA Security+, or vendor specific IAM certifications are a plus.