Lead IAM Governance Engineer

Configures, administers, and maintains Enterprise Access Management (EAM) and Identity Governance systems, including SailPoint IdentityNow. Coaches and develops other EAM and Identity Governance engineers. Integrates RGA applications into EAM and Identity Governance solutions. Designs and configures entitlement and access reviews for application and access owners. Designs and configures EAM and Identity Governance automation, reporting, monitoring, and alerting.

Responsibilities

• Coaches, develops, and mentors others on the configuration, operation, maintenance, and troubleshooting of EAM and Identity Governance systems, including SailPoint IdentityNow.
• Leads the integration of EAM and Identity Governance systems into the RGA environment.
• Onboards applications into EAM and Identity Governance systems.
• Develops and maintains documentation of processes, troubleshooting, and training.
• Integrates and maintains EAM and Identity Governance systems with in-house and third-party applications, including but not limited to ServiceNow, Workday, and Active Directory, for birthright provisioning, request approval and fulfilment, deprovisioning, access to RGA applications, recertification of existing access upon transfer, removal of access upon termination, and custom workflows, while maximizing the use of automation.
• Designs, implements, and maintains monitoring and alerting for key processes within EAM and Identity Governance systems.
• Designs, implements, and maintains User Access Reviews (certifications), to include integration of SailPoint IdentityNow with RGA and third-party applications, maximizing the use of automation, enhanced and effective customer experience, and producing informative reports.
• Maintains documentation to ensure additions and modifications are thoroughly documented upon implementation.

Requirements

Education

Required: Bachelor's degree or equivalent experience

Preferred: Master's degree and/or LOMA certification

Required Experience

• 8+ years of IT or related experience
• Proven experience progressing from a technician to a lead role focused on Identify and Access Management with expertise in SailPoint IdentifyNow (primary) and IdentifyIQ (secondary)
• Advanced knowledge of Identity Governance, including but not limited to user lifecycle provisioning (Joiner, Mover, Leaver), policy & role management, Role Based Access Control, access reviews and certifications, Segregation of Duties
• In-depth knowledge of SailPoint IdentityNow configuration, including workflows, rules, policies, and customization
• Advanced experienced integrating SailPoint solutions into existing architecture
• Knowledge of Role Based Access Control
• Advanced problem-solving skills and the ability to analyze and provide solutions to complex IAM/SailPoint issues
• Advanced experience coaching, developing, and mentoring junior engineers and analysts
• Advanced oral and written communication skills demonstrating ability to share and impart knowledge
• Working knowledge of OKTA and ServiceNow related to integration capabilities with SailPoint IdentityNow
• Advanced skills in customer relationship management and organization change management
• Advanced knowledge of change management practices
• Ability to appropriately balance priorities, deadlines, and deliverables
• Ability to work well within a team and participate in team projects
• Advanced ability to translate business needs into acceptable technical solutions
• Ability to liaise with individuals across a wide range of operational, functional, and technical disciplines
• Advanced ability to set goals and deadlines, handle multiple tasks and clients simultaneously
• Ability to quickly adapt to new methods, work under tight deadlines and stressful conditions

Preferred Experience

• Knowledge of using artificial intelligence tools for Identity Governance
• Knowledge of best practices for system architecture and design

Technical Requirements

• Administration of SailPoint solutions including IdentityNow
• Microsoft Administration including AD, Azure, O365
• PowerShell
• APIs
• Database platforms including Oracle, MSSQL, MySQL
• Postman
• Java