Responsibilities

What will you contribute?

The Identity and Access Management (IAM) Operations Analyst: SailPoint will help facilitate the tactical advancement of Finastra's IAM program, which includes Identity Governance & Administration (IGA) and Privileged Access Management (PAM) solutions. As part of the broader Information Security organization, this role will participate in a multidisciplinary information security team, applying fundamental systems security understanding, skills, expertise, and experience to maintain and operate complex information systems and security tools that satisfy organizational mission and/or business requirements, including stakeholder protection needs and security requirements. The role will also be responsible for monitoring, maintaining, and administering IAM solutions. The ideal candidate will be self-directed and work effectively in a diverse team environment.

• Monitors, runs, and supports operations for the IAM program, ensuring appropriate provisioning and de-provisioning of access across various authentication and governance platforms, including SailPoint and DUO MFA, and indirectly, CyberArk and LastPass.
• Monitors ticket queues and shared mailboxes for IAM team applications, either handling the matter or escalating to the Engineering queues as appropriate
• Troubleshoots routine problems such as: issues with Source connectivity, Aggregation, and password changes
• Ensures that terminated users' access is removed according to corporate access management standards
• Works with application and business unit teams to define and configure roles for Role-based access control
• Gathers and normalizes data for quarterly access review procedures to ensure that user access is reviewed and approved by management
• Participates in audit support activities for both internal and external audits
• Routinely provides after-hours on-call support for critical systems and emergency response
• Identifies, escalates, and resolves potential access control and system risk issues
• Identifies opportunities to reduce problems, increase efficiency, and optimize support through process changes
• Creates runbook Documentation on the use of IAM tools for L1 Helpdesk.
• Manages documentation of IAM Standard Operating Procedures and service deliverables
• Performs other related duties as assigned in accordance with qualifications

• IAM and general Information Security best practices
• Extensive knowledge of IGA solutions, specifically SailPoint IdentityNow (e.g.: writing search queries, using Postman to query the API, provisioning access, monitoring and addressing Source Health, managing accounts by automated and manual means - aggregation, correlation, and toggling status)
• Knowledge of LDAP/Active Directory, and relevant IT architecture
• Familiarity with: PKI architecture, SSL/TLS, MFA, and oAuth Principles
• Knowledge of bash commands and/or Powershell a plus
• Microsoft Office knowledge (especially Excel) a plus
• Capable of working cooperatively with leadership, other teams, teammates, and non-technical end-users in a challenging, dynamic, and global environment
• Ability to recognize actions that endanger the security posture or operational efficiency of the organization.
• Ability to successfully handle multiple priorities simultaneously
• Strong sense of urgency and commitment to meeting SLAs
• Excellent written and verbal communication skills

• A minimum of 2 years of work experience performing IGA functions using a modern IGA platform (such as SailPoint IdentityIQ, Saviynt, or Forgerock)
• A minimum of 3 months of work experience supporting and administering SailPoint IdentityNow
• Experience managing DUO or another MFA solution a plus
• Experience with password manager technologies (e.g., LastPass) and remote session governance (e.g., CyberArk) a plus
• Experience in meeting goals in a fast-paced environment that can require reprioritizing and balancing needs

• Bachelor's degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred.