Sarah Abdullah

• Designed, architected, and deployed SailPoint IdentityNow (IDN) and Identity Security Cloud (ISC) solutions within Fiserv’s hybrid multi-data-center and Azure cloud environments, supporting 50,000+ enterprise and client-facing identities across UAT, pre-production, and high-availability production tiers. Integrated IDN with key Fiserv identity sources and authoritative applications, including Azure Active Directory, on-premises Microsoft AD forests, Enterprise LDAP directories, Workday (HR source of truth), Okta, and multiple proprietary Fiserv client portals through SCIM, REST, SOAP, JDBC, and LDAP connectors.
• Engineered custom SailPoint connectors and integration modules leveraging REST API frameworks for internally developed Fiserv financial transaction systems, legacy mainframe banking services, middleware queues (IBM MQ), and PCI-DSS scoped card processing applications. Implemented Role-Based Access Control (RBAC) methodologies and enterprise role models, fully aligned with SOX, NERC-CIP, PCI-DSS, and FFIEC regulatory requirements, reducing excessive privileges, and streamlining quarterly certification reviews for audit readiness.
• Automated identity lifecycle management, including real-time joiner/mover/leaver events, time-bound privileged access provisioning, and termination-based deprovisioning, using IdentityNow workflows, scheduled tasks, event triggers, and custom BeanShell scripts. Built certification campaigns for application owners, operational approvers, and compliance teams — including configurable attestation policies that dynamically populate entitlements from authoritative and non-authoritative sources.
  • Developed and deployed custom Java BeanShell rules, identity triggers, and policy-based provisioning configurations in SailPoint IIQ (supporting legacy integration streams) for dynamic entitlement assignment, complex group membership logic, and cross-environment synchronization. Integrated SailPoint with back-end databases (Oracle, SQL Server), enterprise LDAP, SOAP/REST microservices, and file-based feeds for batch-based entitlement imports from financial operations systems.
  • Acted as a subject matter expert for SailPoint implementation within Fiserv’s security engineering division, mentoring junior developers, and participating in architecture review boards to align identity projects with enterprise security roadmaps.

Responsibilities and Achievements:
• Automated lifecycle management for 50+ Okta-integrated platforms — including internal applications, B2B portals, and field service tools — using SailPoint IIQ Rules (BeanShell/Java), Workflows, and REST-based integrations to eliminate manual provisioning and reduce fulfillment time. Defined and implemented role-based access control (RBAC) for 100+ business units, including Corporate IT, Network Engineering, Customer Service, Retail Operations, and Media divisions — mapping entitlements from Siebel CRM, Amdocs, SAP, Oracle Databases, and UNIX/Linux platforms into IIQ roles.
• Designed and executed compliance certification campaigns within IIQ for high-risk systems, such as network management platforms, ERP, HR systems, and customer data repositories — implementing automated approval, escalation, and revocation workflows, with policy violation tracking. Built and optimized aggregation and correlation jobs in IIQ to synchronize identity and entitlement data from multiple authoritative sources (PeopleSoft HRMS, Oracle HCM, Active Directory, Azure AD, and telecom operational databases).
• Developed dashboards, reporting frameworks, and compliance audit outputs using SailPoint reporting functions, SQL Server Reporting Services (SSRS), and SQL Server Analysis Services (SSAS) for SOX and internal security audits. Created and enforced Segregation of Duties (SoD) policies within IIQ, especially in ERP and finance modules, to prevent fraudulent billing, unauthorized network configuration changes, and customer data misuse—leveraging access simulation to validate changes before deployment.
• Partnered with Verizon’s Global Security, Audit, and Compliance teams to ensure IIQ governance aligned with regulatory controls such as CPNI, PCI-DSS, HIPAA, and data retention mandates for telecom and customer data systems.
Executed application onboarding into IIQ, including requirements gathering, authoritative source identification, entitlement cataloging, connector configuration, attribute mapping, provisioning policy setup, and Access Request Center (ARC) implementation for self-service access requests.

Responsibilities and Achievements:

• Integrated SailPoint IIQ with enterprise identity platforms and directories, including Azure AD, Okta, and on-premises Active Directory/LDAP to support seamless birthright provisioning, self-service access requests, and real-time deprovisioning across both on-premises and cloud SaaS workloads. Leveraged the Application Onboarding Framework (AOB) in IIQ to configure connectors for approximately 20 business-critical applications, including ServiceNow, Workday, Oracle E-Business Suite, and custom Discover internal financial systems.
• Engineered complex provisioning policies and business logic using BeanShell scripting, provisioning rules, and workflow steps to enforce multi-stage approval flows, segregation of duties (SoD) checks, and attribute-level transformations before account creation. Built task schedulers for delta aggregation, full account reconciliation, and event-triggered account disablement to meet strict compliance SLAs.
  • Designed, deployed, and customized SailPoint IIQ Joiner–Mover–Leaver (JML) lifecycle workflows tailored for Discover Financial Services' identity governance processes, incorporating dynamic role hierarchies, granular entitlements, and delegated administration models for both internal workforce and third-party contractor populations.
  • Automated and optimized access review campaigns and certifications for PCI-DSS, SOX, and internal risk governance controls, with targeted certification scopes for high-risk entitlements (e.g., privileged admin, financial transaction approval roles). Developed custom CertificationItem and IdentitySelector rules to scope users and entitlements for campaigns dynamically.
• Onboarded Discover’s business units and applications into SailPoint IIQ by working closely with the application owners, solution architects, and information security teams, mapping authoritative sources (Workday HR system, contractor databases), and configuring application schemas, correlation rules, and accounts matching logic to maintain clean and accurate identity data.
  • Developed technical connectors for Discover’s proprietary and vendor-hosted applications using the SailPoint IIQ Connector Toolkit, REST-based integrations, JDBC drivers, and flat-file ingestion methods for legacy mainframe and AS/400-based systems.

Responsibilities and Achievements: • Collaborated with Fannie Mae Development, QA, and Release Management teams to design and implement secure, highly available CI/CD pipelines for deploying Java/Spring Boot, .NET Core, and Node.js-based enterprise applications into AWS, Kubernetes (EKS), and on-premises OpenShift clusters. Worked extensively with Fannie Mae internal platforms such as Loan Delivery (LD), Collateral Underwriter (CU), EarlyCheck, and Desktop Underwriter (DU), ensuring their integration pipelines were automated, monitored, and met security/compliance requirements.
• Performed advanced root cause analysis (RCA) for complex production incidents within Fannie Mae’s highly regulated mortgage-finance ecosystem, leveraging centralized logging (ELK Stack – Elasticsearch, Logstash, Kibana), Dynatrace, Prometheus, and Splunk to identify bottlenecks and compliance risks.
Architected and configured monitoring and alerting systems using Graphite, Graf, Prometheus, and integrated alerting with PagerDuty for proactive incident management aligned with Fannie Mae InfoSec SLA requirements.
• Designed and implemented containerized microservices using Docker with multi-stage builds, orchestrated via Kubernetes (Helm charts, Custom Resource Definitions) for multiple non-prod and prod environments; ensured namespace isolation and enforced Pod Security Policies to comply with Fannie Mae’s NIST cybersecurity framework. Automated build, test, and deployment processes using GitLab CI/CD, Jenkins pipelines, and Maven/Gradle; integrated SonarQube for code quality analysis, Fortify, and Black Duck for static application security testing (SAST/DAST) to meet mortgage industry compliance standards.
• Administered Elastic Cloud on Kubernetes (ECK) clusters for log aggregation, performance analysis, and compliance audits; fine-tuned Logstash pipelines, and configured Elasticsearch index lifecycle management for optimized storage usage. Managed deployments and upgrades for WS components, APIs, and microservices across dev, QA, UAT, Performance, Disaster Recovery, and Production environments, ensuring rollback strategies and zero-downtime releases via blue/green and canary deployment models.