Lead Cybersecurity - IAM Operations - SailPoint IdentityIQ

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent practical experience).
• Typically requires 5+ years of experience in IAM operations, application operations, or identity governance administration/support.
• Strong hands-on experience with SailPoint IdentityIQ operations: workflows, aggregations, tasks, troubleshooting, and debug-level analysis.
• Experience supporting identity lifecycle processes (joiner/mover/leaver), provisioning, and connectivity troubleshooting.
• Working knowledge of Active Directory integrations and entitlement data flows.
• Experience with ServiceNow processes (INC/RITM/CHG lifecycle) and production operational rigor.
• Ability to lead/execute MOPs, release readiness testing, and post-deployment validation.
• Strong communication skills across engineering, business stakeholders, and leadership; ability to drive work to completion.

Nice To Haves

• Preferred SailPoint certifications: Identityt Security Engineer, IdentityIQ Associate, IdentityIQ Engineer
• Preferred SailPoint Knowledge Credentials: Identity Security Leader, Identity Security Professional, Identity Security Expert
• Azure operational experience: KeyVault, Log Analytics / LA Workspace, containers, SFTP patterns.
• SQL/database troubleshooting experience (querying, validation, and root-cause support).
• Familiarity with IAM governance controls including SOX attributes, elevated access patterns, and compliance metadata tagging (e.g., PCI/CPNI).
• Experience creating runbooks, SOPs, and monitoring/alerting improvements for production environments.

Responsibilities

• IdentityIQ Operations & Production Support Provide Tier 3 operational support for SailPoint IdentityIQ; diagnose complex issues involving provisioning, aggregation, workflow failures, and connectivity.
• Monitor and manage Identity Refresh, Aggregation Tasks, NCD triggers, Delegation‑on‑Mover events, and application‑specific lifecycle tasks.
• Troubleshoot and resolve failures including task result corruption, incomplete workflow cases, provisioning “stucks,” leaver/mover issues, and API errors.
• Perform debug-level analysis to identify root causes and validate expected system behavior.
• Application & Entitlement Governance Manage and validate Application Owner Workgroups, Entitlement Owner Workgroups, SOX attributes, requestable flags, and elevated access configurations.
• Partner with onboarding teams to validate entitlement catalog accuracy and metadata (PCI, CPNI, business criticality, SOX flags).
• Execute workgroup aggregation, AD account/group full aggregation, and entitlement import workflows across environments.
• Deployment Planning & Release Readiness Lead/participate in MOP (Method of Procedure) development, deployment rehearsals, and production cutover planning.
• Validate deployment scripts, environment readiness, rollback steps, and dependency alignment with engineering and product teams.
• Conduct stage testing and verification of fixes, patches, and E‑fixes prior to production release.
• Cross‑Functional Collaboration & Leadership Collaborate with engineering, product managers, developers, testers, and security leadership to improve stability and functionality.
• Communicate with business stakeholders, compliance teams, and cross‑application owners to resolve blockers and drive outcomes.
• Mentor operations team members; contribute to onboarding documentation and maintain operational SOPs.
• Process Optimization & Continuous Improvement Create and enhance SOPs, runbooks, wikis, operational checklists, and repeatable procedures.
• Propose and validate new features (e.g., enhanced access reports, filtering options, monitoring improvements) in partnership with engineering/product teams.
• Identify systemic issues and recommend optimizations for performance, task scheduling, and account/entitlement workflows.
• Incident, Change, & Compliance Management Own operational incidents across onboarded applications; document worknotes, root causes, mitigations, and follow-ups.
• Ensure adherence to audit expectations and change governance (CI/CD controls, change windows, post-deployment validation).
• Support ServiceNow processes including incident updates, request fulfillment, CR creation, and post‑deployment validation.
• Azure & Infrastructure Support Activities Work with Azure services including KeyVault, SFTP configurations, Log Analytics, and containerized environments.
• Troubleshoot API failures, encryption/credential issues, credential rotations, and environment connectivity problems.

Benefits

• Medical/Dental/Vision coverage
• 401(k) plan
• Tuition reimbursement program
• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
• Paid Parental Leave
• Paid Caregiver Leave
• Additional sick leave beyond what state and local law require may be available but is unprotected.
• Adoption Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
• Employee Assistance Programs (EAP)
• Extensive employee wellness programs
• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.