Shahzad Khalid
The Bronx,NY
Summary
Almost7+Years of expertise in IAM with Okla, Auth0, LDAP, SSO, MFA, Active Directory, RBAC, Power Shell,. Integrated Active Directory with IAM platforms and solutions to centralize identity management, access control, and authentication processes. Cyber Security/SOC Analyst, SOAR expert, Apache Elasticsearch, AWS Detective, Azure Sentinel, Google Cloud Security For a role requiring years of hands-on experience with Okla administration, implementation, and integration along with experience in building and managing IAM programs and identity management principles Integrated Active Directory with IAM platforms and solutions to centralize identity management, access control, and authentication processes. Solid Experience in Strong Authentication Auth Minder - 2 Factor Authentications. Extensive experience with designing and implementing Salient Security Manager including a deep architectural understanding of its technical components Experience designing and developing J2EE/Java applications with focus on REST API and Web services Expertise in relational databases and SQL Excellent written and verbal skills for communicating complex technical issues and concepts Expertise developing troubleshooting processes, methodologies and standards with Salient Security Manager. Cross-Department Collaboration: Work closely with IT, security, legal, and compliance teams to ensure IAM solutions meet business needs and regulatory standards. Training and Awareness: Provide training and guidance to internal teams on IAM policies, standards, and security best practices. Program Design and Implementation: Lead the design, development, and implementation of IAM programs, ensuring they align with organizational goals and security policies. Policy Development: Create and enforce identity and access management policies that comply with industry standards and regulatory requirements. Lifecycle Management: Oversee the complete identity lifecycle management process, ensuring that user accounts and permissions are appropriately managed from creation to termination. Access Review and Audits: Conduct regular access reviews and audits to ensure that IAM practices meet security standards and compliance requirements, addressing any discrepancies or gaps. Governance and Compliance: Ensure IAM solutions comply with industry regulations and frameworks (e.g., HIPAA, SOX, GDPR) and provide ongoing reporting for audits and compliance reviews. SSO Implementation: Lead the implementation and maintenance of Single Sign-On (SSO) solutions using Okla, ensuring a seamless and secure user experience across multiple applications. MFA Deployment and Management: Implement and maintain Multi-Factor Authentication (MFA) to enhance security, ensuring that it is configured appropriately across all systems and applications. User Provisioning and De-provisioning: Manage the automation of user provisioning and de-provisioning processes, ensuring that users have the appropriate access rights based on their roles within the organization. Access Control Management: Define and manage access control policies, including role-based access control (RBAC) and attribute-based access control (ABAC), to ensure the right people have the right access at the right time.
Overview
7
7
years of professional experience
Work History
Sr. IAM engineer
Risk strategies
Boston, US
02.2023 - Current
- Worked on Custom Authentication Schemes in Ping Access based on Business needs
- Installed and Configured Ping Access to authenticate and authorize the users using Ping federation as token provider
- Ensure Compliance: Ensure that IAM practices comply with regulatory frameworks such as HITRUST, HIPAA, SOC, and other industry standards
- Audit Management: Lead and manage IAM audits, ensuring proper documentation and evidence collection for compliance reviews
- Policy Development and Enforcement: Develop and enforce IAM policies that meet regulatory requirements and industry best practices
- Okla Configuration and Management: Administer and configure Okla for identity management, including user provisioning, deprovisioning, and group management
- Okla Integration: Lead the integration of Okla with various internal and third-party applications, ensuring seamless SSO (Single Sign-On) and MFA (Multi-Factor Authentication) capabilities
- Cross-Department Collaboration: Collaborate with security, IT, and other business teams to design and implement IAM solutions that meet organizational and security needs
- User Training and Support: Provide training to users and internal teams on Okla functionalities, best practices for identity management, and how to effectively use SSO and MFA
- Vendor Management: Manage relationships with Okla and other IAM-related vendors, ensuring that support and services are aligned with the organization’s needs
- Risk Assessment: Conduct regular risk assessments to ensure that IAM controls align with the organization's regulatory obligations and security posture
- Define the strategic objectives of SDLC governance aligned with business goals
- Approve governance policies, budgets, and resources
- Monitor key metrics and outcomes related to software quality, compliance, and security
- Champion a culture of accountability and continuous improvement
- Hands on experience in designing, deployment, implementation and architecture with Ping Access and Ping Federate
- Stay updated on emerging threats and vulnerabilities
- Apply patches and updates to mitigate identified risks
- Collaborate with threat intelligence teams to enhance defensive strategies
Saviynt consultant
Vanguard
03.2020 - 12.2022
- Company Overview: Remote
- Managed key projects for the Information Security Department, Confidential, driving strong functional and privileged ID management processes
- Okla Workflows and Automation: Build and manage Okla workflows and automation processes to streamline identity management and enhance operational efficiency
- Troubleshooting and Support: Provide troubleshooting and support for Okla-related issues, including user access problems and integration challenges
- JML is a critical identity lifecycle process ensuring users have appropriate access at each stage of their employment
- Gap Analysis: Utilize analytical skills to identify gaps in current IAM systems or processes and recommend improvements to reduce risk and enhance operational efficiency
- Security Enhancement: Proactively develop solutions to improve IAM processes, address vulnerabilities, and ensure systems are aligned with evolving security requirements
- Monitoring and Reporting: Continuously monitor IAM systems for compliance and security gaps, reporting findings to management and recommending corrective actions
- Evaluate New Technologies: Stay updated on the latest IAM trends, technologies, and best practices
- Evaluate and propose new solutions that enhance security, efficiency, and user experience
- Risk and Gap Analysis: Perform risk assessments and gap analyses related to IAM practices and Okla integrations, recommending improvements to address vulnerabilities or inefficiencies
- Scalability and Performance: Ensure that the IAM systems, including Okla, are scalable, reliable, and efficient as the organization grows, proactively addressing any performance concerns
- Gather and analyze enterprise security, regulatory compliance, and business process requirements and lead others in performing these activities
- Drive delivery of quality access provisioning and governance functional specifications and use cases
- Architect & design the implementation of Saviynt solutions
- Analyze client requirements and specifications and be able to outline the feasibility and implementation with Saviynt solutions, be able to direct others in performing these activities
- Identifying inadequacies within the environment and construct solutions to address IAM shortfalls
- Work with Change Management functional groups to follow processes and effectively communicate to end users on usage of IAM integrations, automation and user interface through Job Aids and other complementing methods
- Work with the Identity Management manager to implement the programs and processes as agreed to by Infrastructure leadership
- Provide daily management of program-level risks & issues related to organizational impact and acceptance of change, regulatory controls and audit findings, identity data security, and scope/schedule/cost
- Engage business and IT stakeholders to build consensus around IAM Program success metrics, business benefit, and support for organizational change
- Monitored and responded to computer security incidents following established security procedures
- Collaborated with internal IT to implement a support framework for the unit’s non-standard technology remit
- Reviewed and adjust existing IAM processes (provisioning, de-provisioning, re-certifications,) to ensure that they are aligned with industry best practices
- Application integrations including Active Directory, LDAP, Sales force
- Implement and support least privilege IAM best practices for directories
- Basic Power Shell for scripting and SQL for database management system
- Remote
Identity Access Management Analyst
Defy security
12.2018 - 02.2020
- Company Overview: PA
- Responsible for processing requests to add, change or revoke access rights and to make sure that only authorized users are granted the right to use a service within agreed SLAs, tracked through Service Now
- Managing the Beyond Trust Identity Management system, provisioning of applications into the identity and access management system and administration of access profiles
- Processes requests for access and the addition of new groups, systems, applications, or users in a timely manner
- Serve as an escalation point between the Identity and Access Management agent on the client's support team and the Identity and Access Management system owners
- Remove Users Certification Access from IAM Identity quarterly review
- Primary provisioned over 40+ enterprise applications access
- Hands-on experience configuring and administering CA Technologies Privileged Access Management Suite for Unix, Linux, and Windows servers
- Provisioning new contractor, staff, and team member accounts through Oracle 11i, Oracle Fusion, Identity federation (SMAL, Open ID), and Oracle Identity Manager
- Modifying rights, permissions of owners, groups, directories in Active Directory and AD and Lightweight Directory Services
- Domain and process administration, contribution and reviewing processes and SOX compliance for Quarterly Reviews for the AMO team
- Operation and Maintenance of CyberArk components: EPV, PVWA, PSM, PSMP, PTA, and AAM
- Support of identity and access management (IAM) system, monitoring operation of (joiner, mover, leaver), ensuring password policies, RBAC and ABAC, least privilege concepts
- PA
Identity Access Management Admin
Ledger
Ledger, US
10.2017 - 11.2018
- Company Overview: NY
- Set up and Provisioning user accounts to access the applications and data as Single Sign-On SSO
- Meet with the business to Set up and maintain their applications
- Gather business requirements and understand business, functional and technical requirements
- Create Test Plans to check user and business requirements thoroughly
- Providing operational support for the user access
- Application Support for External user Access
- Data analysis Extracted, compiled, tracked data, and analyzed data to generate reports
- Executing test plans using web based business applications
- Generate reports to higher level management groups for Audits, Reviews and Authorizations
- Work Incident related user’s access, application configuration
- Worked closely with IT Team to resolve issue and integrate new changes 'NIBCO, CAIDM, Site Minder and Oracle Database'
- Monitoring and analysis processes access management and endpoint security solutions for internal and external users within new or existing applications
- Handling High Priority incidents from VIP clients and organizations
- Worked with project managers, developers, and end users to ensure application supported the business requirements
- Assist with planning projects
- Executing tasks and producing deliverables as outlined in the Project Plan and directed by the Project Manager
- Developed use cases and workflow
- Integration of 70+ application and user’s data from old platform to the new platform
- NY
Skills
- Relationship building
- People management
- Collaboration
- Problem solving
- Public speaking
- Presentation coaching
- Vocal shaping
- Technology innovation
- Self-help
- Cyber Ark
- Windows Azure
- Jira
- LDAP
- Forefront/Microsoft Identity Manager (MIM)
- Ping ID
- OKTA
- Power Bi
- Microsoft Visio
- Microsoft Hyper-V
- Google Suite (G-Suite)
- Office 365
- Adobe Creative Suite
- SIEM
- Citrix
- SharePoint
- Agile development methodology
- Service Now
- Microsoft Exchange Server
- NIST
- VPN
- Multi-Factor Authentication
Timeline
Sr. IAM engineer
Risk strategies
02.2023 - Current
Saviynt consultant
Vanguard
03.2020 - 12.2022
Identity Access Management Analyst
Defy security
12.2018 - 02.2020
Identity Access Management Admin
Ledger
10.2017 - 11.2018
Similar Profiles
Jason EllisonJason Ellison
Benefits Leader, National Healthcare Practice at Risk StrategiesBenefits Leader, National Healthcare Practice at Risk Strategies
Timothy DevinTimothy Devin
NEW YORK REGION PRIVATE CLIENT LEADER/SENIOR VICE PRESIDENT at Risk StrategiesNEW YORK REGION PRIVATE CLIENT LEADER/SENIOR VICE PRESIDENT at Risk Strategies
Carl SauermanCarl Sauerman
Vice President at Risk StrategiesVice President at Risk Strategies
Dina TahaneyDina Tahaney
Private Client Relationship Manager at Risk StrategiesPrivate Client Relationship Manager at Risk Strategies
Yismely JaquezYismely Jaquez
Group Leader at Acacia NetworkGroup Leader at Acacia Network