Summary
Overview
Work History
Education
Skills
Websites
Certification
LANGUAGES
Timeline
Generic

Subrat Sedhain

Hooksett,NH

Summary

IAM expert with practical experience in implementing Identity Governance and Administration solutions utilizing SailPoint IdentityIQ, SailPoint Identity Security Cloud (ISC/IdentityNow), Okta, etc., in a large enterprise setup. Successfully planned, developed, and delivered complete solutions utilizing SailPoint IdentityIQ, catering to the needs of identity lifecycle management, access requests, provisioning, governance, and compliance, in hybrid enterprise environments. Created complex BeanShell rules, customized workflow, provisioning, correlation, and forms to cater to the complex requirements of the enterprise while ensuring the integrity of identity information. Created customized workflow and forms to facilitate self-service access requests, delegated administration, etc., to improve operational effectiveness. Successfully integrated SailPoint solutions with various enterprise systems, such as Active Directory, Azure, ServiceNow, SAP, Oracle, SQL, JDBC, REST, etc., to automate the process of user provisioning, etc., in a hybrid environment. Delivered Okta SSO/MFA solutions utilizing SAML, OAuth, and OIDC; deployed Okta AD/IWA Agents; and developed hybrid Okta-AD authentication and provisioning flows. Developed RBAC models, role mining strategies, entitlement cleanup campaigns, and access standardization to improve identity governance and hygiene. Designed and delivered Segregation of Duties (SoD) policies, frameworks, and solutions aligned with SOX, ISO 27001, Zero Trust, and enterprise governance requirements. Improved SailPoint solution performance through optimizing task execution, connector stability, workflow optimization, and reduction of provisioning latency in complex IAM environments. Managed SailPoint code migration, version control, and deployment pipelines to deliver DevSecOps capabilities. Automated various IAM operations utilizing PowerShell, Python, and BeanShell scripting, enhancing reporting, synchronization, and provisioning efficiency. Integrated CyberArk PAM solutions with SailPoint IdentityIQ to deliver automated credential onboarding, privileged account governance, and secure vaulting capabilities. Collaborated with InfoSec, audit, and business teams to identify access risks, deliver least privilege access, and support internal audits, SOX, and regulatory requirements.

Overview

7
7
years of professional experience
1
1
Certification

Work History

IAM SailPoint Developer

GM Financial
Fort Worth, Texas
09.2024 - Current
  • Implemented SailPoint IdentityNow/ISC to automate lifecycle, access requests, certifications, and policy enforcement across cloud and hybrid environments.
  • Provisioned applications in IdentityNow/ISC leveraging SCIM, REST APIs, SAML, OAuth/OIDC, and flat file connectors to standardize provisioning processes and allow centralized governance of SaaS, cloud, and on-premises applications.
  • Established identity profiles, mapped attributes, defined transformation rules, and implemented correlation logic to maintain a complete view of identity data and eliminate provisioning drift within enterprise directories.
  • Developed complete Lifecycle Event (LE) workflows and Automated Provisioning/Deprovisioning, which reduced manual burden on business process owners and improved SLAs for onboarding and offboarding.
  • Connected IdentityNow/ISC with Active Directory, AzureAD, Workday, ServiceNow, Okta, CyberArk, and custom APIs to support seamless identity synchronization and event-driven provisioning.
  • Led multiple large-scale IGA implementation projects, including Role Mining, Designing of Role-Based Access Control (RBAC), Performing Access Cleanup, Implementing Segregation of Duties (SoD), Enforcing Access Certification Programs per SOX, ISO 27001, and Zero Trust Regime.
  • Deployed Okta SSO/MFA and integrated with SailPoint to create an Integrated Governance model, where SailPoint manages lifecycle and access, while Okta Manages Authentication and Adaptive MFA.
  • Transitioned provisioning and governance workflows from legacy systems or Okta governance to IdentityNow and SailPoint SCIM provisioning environments to increase accuracy, compliance, and auditability of all provisioning activities.
  • Built SCIM extensions and custom connectors for non-standard apps, expanding IGA coverage and reducing manual provisioning.
  • Written Automation for IGA and IAM functions using Python, PowerShell, and Event-based workflows that enable faster retrieval of Reports, Reconciliation, and Data Quality.

IAM System Engineer

Deloitte
Austin, Texas
01.2022 - 09.2024
  • Implementation of SailPoint Identity IQ to enable enterprises to successfully manage access to applications and to manage identities.
  • Highly involved in all the phases of SDLC from the software requirements analysis phase to design, development, implementation, unit testing, and debugging.
  • Analyzed the current custom provisioning systems and replicated the existing provisioning process into SailPoint IIQ, along with automation of provisioning.
  • Actively involved in gathering business requirements and recommending the best approach.
  • Deployed and configured SailPoint Identity IQ Connectors for different target systems.
  • Experience working with different BI tools, knowledge of various data extraction tools, and data analysis.
  • Designed and developed custom processes to create users and cubicles within SailPoint, along with an AD account for those who do not belong in the HR system.
  • Worked on SailPoint IIQ Rules and Workflows as per the business needs, Configuration of Roles, Policies, and Certifications for governance compliance.
  • Build and Configure SailPoint Identity IQ in-built tasks like aggregation, ID refresh, schedule tasks, correlation, etc.
  • Deployed and configured certain in-built connectors to automate provisioning, including G-suite, Cerner App, HR systems, and certain mainframe applications.
  • Implemented and managed CyberArk Privileged Access Security (PAS) solutions to securely store, control, and monitor privileged account access across critical systems, reducing security risks and ensuring compliance with industry standards.
  • Administered CyberArk Vault and Central Policy Manager (CPM) to enforce automated password rotation and secure credential storage, ensuring a least-privilege access model and minimizing potential attack vectors.
  • Integrated web service-based applications to authenticate and authorize users based on their access and data in SailPoint Identity IQ.
  • Involved in Configuration and development of SailPoint Life Cycle Events (LCM).
  • Advised on encryption best practices within SailPoint IdentityNow to meet PCI DSS, HIPAA, and GDPR requirements for data protection and privacy, ensuring organizational compliance with global standards.
  • Integrated SailPoint IdentityNow with external systems and applications, ensuring secure data exchanges with third-party systems using encryption standards like AES and TLS.
  • Provisioning and accessing governance experience with an understanding of security on systems such as AD, LDAP/Unix, Oracle, Sybase, and manually provisioned applications.
  • Worked on integrating SailPoint with Microsoft Entra ID / Azure, Active Directory, ServiceNow, REST APIs, SCIM, LDAP, and JDBC, and enterprise applications for user provisioning, access governance, and identity synchronization.

IAM Developer

Cardinal Health
Columbus, OH
11.2020 - 01.2022
  • End-to-end SailPoint IdentityIQ onboarding and application integration with full compliance to client-specific identity governance models and access control rules.
  • Developed and implemented custom SailPoint IIQ integrations for onboarding enterprise applications, ensuring seamless identity provisioning and deprovisioning across Cardinal Health's hybrid IT environment.
  • Engineered automated certification campaigns using SailPoint IdentityIQ and ISC, enhancing compliance with SOX and FFIEC standards while reducing manual effort through campaign fatigue controls.
  • Designed and configured Build Map Rules, Pre-Iterate Rules, and Correlation Rules to enforce enterprise-specific access logic and streamline attribute synchronization from HR systems and Active Directory.
  • Integrated SailPoint with CyberArk to automate privileged account provisioning and enforce policy-based access controls across Windows, UNIX, and cloud systems.
  • The integration of Remedy ITSM with SailPoint for ticket lifecycle automation, enabling real-time access request tracking and closed-loop remediation.
  • Configured and managed RBAC policies and scoped roles in SailPoint to support Cardinal Health's distributed access model across multiple business units and geographies.
  • Utilized IdentityNow (ISC) to configure identity profiles, onboarding sources, access profiles, and provisioning policies—enhancing scalability for cloud-first identity governance.
  • Created custom workflows and forms to manage complex business use cases, including contractor onboarding, non-employee access requests, and SOD exception handling.
  • Built and delivered audit-ready reports (e.g., SOX Reports, Access Review Logs, Policy Violation Reports), supporting internal compliance, regulatory audits, and operational transparency.
  • Participated in 24/7 IAM platform support by resolving incidents, performing RCA, and maintaining high availability of IIQ and ISC platforms.
  • Collaborated with Cardinal Health's cybersecurity, infrastructure, and business teams to deploy IAM solutions that aligned with risk management objectives and ITIL service practices.

IAM SailPoint Analyst

Intuitive Surgical
Sunnyvale, CA
10.2019 - 11.2020
  • Application onboarding across various teams and application design.
  • Analyzed and identified the entitlements and roles for the application.
  • Involved in role design, role mining, and entitlement analysis.
  • Worked closely with the IT Strategic Technology Partners to evaluate new application integration requests from our business partners/Agencies.
  • Understand and document the as-is state of user access security of the application.
  • Helped in performing SailPoint IIQ cleanups and documented new change orders.
  • Gather requirements for Customizing Application and Account Onboarding process as per client and business requirements.
  • Daily meeting with different IAM teams and reporting new/pending IAM issues and concerns.
  • Assisted as a BA on Certifications, custom tasks, and reports.
  • Manage User Access/Login Security to Sail Point Applications.
  • Gather requirements for customization of out-of-the-box workflows in SailPoint.
  • Requirement gathering for different lifecycle managers.
  • Represented the team as on-site coordinator and assigned tasks for the offshore team. Point of contact for the organization representation for the SailPoint project.
  • Provided support to the development team in both testing and production environments, and analysis (troubleshooting) of log files to resolve issues following the best practices.

Education

Bachelor of Science - Computer Science

Southwest Minnesota State University
Marshall, MN

Skills

  • Identity and Access Management: SailPoint IIQ, Okta, SailPoint IdentityNow, Identity Security Cloud (ISC), Okta, Saviynt, Azure Active Directory, Microsoft 0365
  • Threat Detection & Incident Response: SentinelOne, Defender for Endpoint, IDS/IPS, Malware & Phishing Analysis
  • Operating Systems: Linux, Windows 7-11, Windows Server 2012-2025, MAC
  • Directory Server: Sun LDAP, Microsoft AD
  • Application Servers: Tomcat, WebSphere, WebLogic, WebSphere
  • Frameworks & IDE tools: IDE Eclipse, NetBeans
  • Databases: Oracle, MySQL, MS-SQL
  • Languages/Technologies: Java/J2ee Technologies, C, XML, JSF, BeanShell, PowerShell
  • Other: Policy & Playbook Development, Security Awareness Training
  • Project management
  • Application development
  • API integration
  • Problem-solving

Websites

Certification

  • Docker Fundamentals
  • Non-Human Identity Fundamentals Certification
  • SailPoint Identity Security Leader Credential
  • Saviynt Identity Security for AI Age (ISAA)

LANGUAGES

English
Native or Bilingual

Timeline

IAM SailPoint Developer

GM Financial
09.2024 - Current

IAM System Engineer

Deloitte
01.2022 - 09.2024

IAM Developer

Cardinal Health
11.2020 - 01.2022

IAM SailPoint Analyst

Intuitive Surgical
10.2019 - 11.2020

Bachelor of Science - Computer Science

Southwest Minnesota State University
Subrat Sedhain