
Subhash Y

Dallas, Texas

Summary

Senior IAM Engineer with 8 years of experience in architecting, implementing, and optimizing large-scale Identity and Access Management (IAM) solutions across enterprise environments in financial services, healthcare, and technology sectors. Proven expertise in identity lifecycle management, privileged access management (PAM), identity governance, and modern authentication frameworks (SSO, MFA). Extensive hands-on experience with industry-leading tools such as CyberArk PAM (EPV, AIM, PSM), SailPoint IdentityIQ, Okta Identity Cloud, Active Directory, LDAP, and federation protocols like SAML 2.0, OAuth 2.0, OpenID Connect. Skilled in architecting RBAC models, onboarding and securing enterprise applications, and automating IAM workflows using PowerShell, Python and API integrations. Experience supporting cloud-based and hybrid IAM deployments across AWS, GCP, and on-prem environments. Led large-scale migrations of legacy IAM systems (ISIM to SailPoint), supported cloud-first identity integrations across GCP, AWS, and hybrid environments, and collaborated with cross-functional teams to implement Zero Trust architecture. Experience in automating onboarding/offboarding processes and delivering audit-ready reporting to support SOX, PCI-DSS, HIPAA, and enterprise compliance. Adept at supporting IAM operations (L2/L3), driving continuous IAM governance improvement, and enhancing enterprise security posture.

Engineering professional with a solid track record in project management and technical innovation. Adept at driving engineering processes to achieve optimal performance, ensuring high-quality outcomes. Known for a collaborative approach and reliability in dynamic environments, leveraging problem-solving and analytical skills.

Overview

8 years of professional experience

Work History

Senior Engineer – IAM

BC Forward (JP Morgan Chase)
03.2024 - Current
  • Architected and implemented CyberArk Privileged Access Management (PAM) solutions, including Enterprise Password Vault (EPV), Central Policy Manager (CPM), Privileged Session Manager (PSM), Privileged Vault Web Access (PVWA), and Application Identity Manager (AIM).
  • Executed CyberArk platform upgrades to align with current security standards and improve platform stability and performance.
  • Managed privileged account onboarding, vault administration, safe creation, policy configuration, and integration with enterprise authentication systems (LDAP, Kerberos).
  • Collaborated with security and infrastructure teams to mitigate privileged access risks through effective policy enforcement and CyberArk governance.
  • Integrated SSO and MFA (SAML 2.0, OAuth 2.0, Duo) to enhance authentication and access security for critical applications and infrastructure.
  • Automated PAM operational tasks and compliance reporting to support internal audit, SOX, and PCI-DSS requirements.
  • Worked closely with application teams to onboard critical applications and service accounts into CyberArk, ensuring secure credential management across business units.
  • Implemented least privilege access controls and session monitoring to strengthen the organization’s zero trust security framework.

IAM Security Engineer

Vsion Technologies, Inc. (Amwell)
09.2022 - 02.2024
  • Led migration of legacy IAM platform to SailPoint IdentityIQ, driving modernization of identity lifecycle management and improving audit compliance.
  • Designed scalable RBAC models to standardize entitlements across GCP cloud and on-prem environments, reducing role sprawl and improving access governance.
  • Conducted in-depth entitlement reviews and user access certifications to support internal audit cycles and external regulatory compliance (SOX, PCI-DSS).
  • Collaborated with business units to align IAM controls with risk appetite and compliance frameworks; participated in formal audit remediation efforts.
  • Integrated key applications with SailPoint and Okta, supporting both federated (SAML, OAuth) and legacy authentication methods.
  • Created audit-ready IAM reporting and dashboards to support GRC requirements and streamline evidence collection for auditors.
  • Participated in IAM change management and controlled deployment processes, including UAT coordination and production change reviews.
  • Partnered with risk and information security teams to define IAM governance policies and procedures in support of enterprise objectives.

IAM Engineer

Atos Syntel (American Express)
01.2017 - 12.2021
  • Spearheaded Okta SSO and MFA integration initiatives across the enterprise, delivering seamless and secure access to cloud-based and SaaS applications.
  • Collaborated with application owners to onboard critical applications into Okta using SAML, OAuth, and OpenID Connect protocols.
  • Designed and implemented adaptive MFA policies, including Okta Verify, SMS, and Voice, to strengthen authentication in alignment with HIPAA requirements.
  • Created and managed API tokens and facilitated integrations with platforms such as Office 365, AWS, and Box.
  • Defined and maintained RBAC models in Active Directory and Okta to enforce least privilege access across business units.
  • Led periodic identity hygiene initiatives, including Active Directory cleanup and de-provisioning of dormant accounts.
  • Configured network zones and dynamic access policies within Okta to enhance contextual access control and risk-based authentication.
  • Supported federation architecture and contributed to the migration of legacy SSO systems to Okta’s cloud-based identity platform.
  • Coordinated with security, compliance, and application teams to enhance IAM governance and streamline access review processes.

Education

Master of Science - Computer Science

University of Texas At Arlington
Arlington, TX
08-2023

Skills

  • IAM & IGA Tools: CyberArk PAM (EPV, AIM, PSM, PVWA), SailPoint IdentityIQ, Okta Identity Cloud
  • Authentication & Federation: SSO, MFA, SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), Kerberos
  • Identity Lifecycle & Governance: RBAC, Identity Lifecycle Management, Access Certifications, Compliance (SOX, PCI-DSS, HIPAA), Audit Reporting
  • IAM Automation: PowerShell, Python, API-based automation, Identity Reconciliation
  • Directory Services: Active Directory, LDAP
  • Cloud Platforms: GCP (IAM & RBAC), AWS (IAM), SaaS Identity Integrations
  • IAM Process Frameworks: Zero Trust, ITIL, Change Management, Credential Vaulting and Rotating
  • Collaboration: Cross-functional teams (Security, GRC, Risk, Application Teams, Network, Infrastructure)
  • Other Tools: IAM Reporting, ServiceNow, JIRA, Bitbucket, GitHub, Splunk, Postman, Oracle
