GSPANN is hiring a Senior Identity Governance & Administration (IGA) Engineer to architect and manage enterprise Identity Governance & Administration solutions using SailPoint and CyberArk. The role focuses on identity lifecycle management, privileged access controls, regulatory compliance, and secure integrations across cloud and on-premises environments.
Description
Roles and Responsibilities
- Architect, implement, and manage enterprise-wide Identity Governance & Administration (IGA) solutions using SailPoint and Privileged Access Management (PAM) platforms such as CyberArk.
- Define and execute the identity governance strategy in alignment with security, compliance, and business objectives.
- Design and maintain scalable identity lifecycle management processes, including provisioning, deprovisioning, access certifications, and entitlement reviews.
- Implement Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and least privilege principles.
- Integrate identity and privileged access solutions across cloud platforms (Azure, AWS) and on-premises environments.
- Act as the global subject matter expert for IGA and PAM, advising security, IT, audit, and business stakeholders.
- Collaborate with internal and external auditors to ensure compliance with regulatory frameworks such as SOX and GDPR.
- Translate security, risk, and compliance requirements into effective technical designs and operational controls.
- Mentor junior engineers and support teams on identity governance best practices.
- Lead incident response, troubleshooting, and remediation activities related to identity governance and privileged access systems.
Skills and Experience
- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 5+ years of hands-on experience with SailPoint IGA and Privileged Access Management solutions such as CyberArk.
- Strong expertise in identity lifecycle management, RBAC, ABAC, and Separation of Duties (SoD).
- Solid knowledge of IAM protocols, including SAML, OAuth, SCIM, LDAP, and REST APIs, with integration experience across Azure AD and AWS IAM.
- Experience automating identity processes using scripting languages such as PowerShell, BeanShell, or Python.
- Strong understanding of regulatory and compliance frameworks such as SOX, GDPR, NIST, and ISO 27001.
- SailPoint certification is mandatory; certifications such as CISSP, CISM, CISA, or CyberArk Defender/Guardian are highly desirable.
- Excellent communication, stakeholder management, and project leadership capabilities.