IAM Discovery Analyst

About The Position

Requirements

• 6–10 years of experience in IAM, Identity Governance, or Security Engineering
• Proven experience in large IAM discovery or transformation projects
• Strong experience in identity lifecycle documentation and technical writing
• Experience in HRIS integration and enterprise process mapping
• Experience in leading stakeholder workshops
• Identity source discovery (AD, LDAP, Entra ID, Cloud IAM)
• Application inventory mapping and access discovery
• Data correlation, normalization, and identity reconciliation
• RBAC/ABAC understanding and role mining
• API (REST, SCIM) and connector knowledge
• Identity lifecycle (JML) mapping
• Risk and anomaly identification
• IAM tooling exposure (SailPoint, Saviynt, etc.)
• Reporting and dashboarding
• SailPoint IdentityNow / IdentityIQ Certifications
• Microsoft IAM Certification (SC-300 or equivalent)
• Strong Business Analyst orientation with ability to translate business processes into IAM constructs
• Proven experience in Wealth Management domain (client onboarding, advisor access, portfolio systems, regulatory controls)
• Ability to bridge business, compliance, and technology for identity lifecycle and access governance design
• Strong analytical and problem-solving skills
• Excellent communication and documentation capability
• Ability to engage C-level stakeholders

Nice To Haves

• Okta Certifications
• CyberArk Certifications
• Cloud Certifications (AWS / Azure / OCI)
• CISSP
• CIAM
• CIGE

Responsibilities

• Lead identity source discovery across AD, LDAP, Microsoft Entra ID, and cloud IAM environments; onboard and normalize identity datasets
• Discover and catalogue enterprise applications, authentication flows, and access pathways; map identity-to-application relationships
• Develop end-to-end Joiner–Mover–Leaver (JML) lifecycle documentation with strong technical writing aligned to audit/compliance needs
• Lead stakeholder workshops (HR, IT, Security, Business) to capture identity flows, access requirements, and process gaps
• Perform HRIS–IAM integration mapping including data flows, attributes, triggers, and provisioning workflows
• Analyze access patterns (roles, entitlements, usage) to establish baseline access models and optimization opportunities
• Correlate and normalize identity data across systems; eliminate duplicates and identify orphan/shadow accounts
• Support RBAC/ABAC role modeling and role mining initiatives using access and attribute insights
• Enable automated discovery using APIs (REST, SCIM) and connectors
• Identify identity risks (excessive access, toxic combinations, privilege creep) and recommend remediation actions
• Develop CISO-ready dashboards (coverage %, orphan accounts, privilege exposure, onboarding gaps)
• Work with IGA tools such as SailPoint IdentityNow, Saviynt, or similar platforms