Responsibilities:

• Implementation & Configuration
  - Install, configure, and upgrade IBM ISIM, IBM ISAM, and SailPoint IIQ environments.
  - Migrate IAM solutions across environments (Dev, Test, Prod) and between platforms.

• Customization & Extensions
  - Develop custom workflows, provisioning policies, and role-based access models.
  - Write extensions, connectors, and adapters for application onboarding.
  - Customize IAM products to align with enterprise security and compliance needs.

• Identity Lifecycle Management
  - Design and implement Joiner/Mover/Leaver (JML) processes.
  - Configure automated provisioning/de-provisioning policies.
  - Build rules for access reviews, role mining, and access certifications (where applicable).

• Integration & Directory Services
  - Integrate enterprise applications, directories, and databases with IAM platforms.
  - Configure LDAP directory services, replication, and schema extensions.
  - Write and maintain Tivoli Directory Integrator (TDI) scripts for data synchronization.

• Access Management (if ISAM included)
  - Configure authentication/authorization policies, SSO, and federation (SAML, OAuth, OIDC).
  - Develop custom login modules and risk-based access rules.
• Troubleshooting & Support
  - Diagnose and resolve issues related to provisioning, authentication, and directory replication.
  - Provide operational support and optimize IAM processes.
 

  • Hands-on experience in at least two IAM products (ISIM, ISAM, SailPoint IIQ).
• Expertise in workflow development, policy configuration, and application integration.
• Proficiency in Java/J2EE, BeanShell, JavaScript, or Python for writing extensions and rules.
• Experience with LDAP (TDS, Active Directory, OpenLDAP) including replication and schema design.
• Strong knowledge of Tivoli Directory Integrator (TDI) scripting.
• Understanding of authentication protocols (SAML, OAuth 2.0, OpenID Connect, Kerberos, RADIUS).
• Familiarity with databases (Oracle, DB2, SQL Server) for IAM backend operations.
• Good knowledge of provisioning connectors, adapters, and APIs (REST/SOAP).
• Strong problem-solving and troubleshooting skills in complex IAM environments.
Preferred (but not required):
• Certification in any of the following: IBM ISIM, IBM ISAM, SailPoint IdentityIQ.
• Experience in IAM solution design and large-scale deployments.
• Understanding of compliance requirements (SOX, GDPR, ISO 27001).
 

BE - BTECH - 8-10 years of relevant experience