Architect and manage Single Sign-On (SSO) and Multi-Factor Authentication (MFA) integrations using tools like Okta, Ping Identity, and Microsoft Entra ID.
Build and maintain Joiner, Mover, Leaver lifecycle processes.
Automate provisioning and de-provisioning workflows to ensure Day 1 access and immediate revocation upon termination.
Manage enterprise PAM solutions such as CyberArk, BeyondTrust, and Thycotic to secure high-value credentials.
Maintain the health and hygiene of Active Directory (AD) and Entra ID (Azure AD).
Manage Group Policy Objects (GPO) related to security and implement Conditional Access Policies.
Drive the migration of legacy applications to modern authentication standards (SAML, OIDC, OAuth).
Conduct periodic access reviews/recertifications to satisfy compliance audits (SOX, ISO 27001).
Implement and manage Identity Governance & Administration (IGA) platforms like SailPoint, Saviynt, Oracle, and Azure Identity Governance.
Monitor IAM logs to detect anomalous behavior and privilege-related blocking issues.
Implement identity controls across Azure, AWS, GCP, including IAM roles, policies, and key rotation.
Requirements
6+ years in Cybersecurity, with 5+ years specializing in IAM/PAM.
In-depth understanding of Active Directory (On-prem) and Azure AD/Entra ID.
Hands-on experience with IGA tools (e.g., SailPoint, Saviynt) and PAM tools (e.g., CyberArk).
Deep understanding of Federation protocols: SAML 2.0, OAuth 2.0, OIDC, SCIM.
Strong proficiency in PowerShell or Python for automating IAM tasks.
Ability to build "Least Privilege" models and Role-Based Access Control (RBAC) structures.