Wriha Timalsina
Mesquite
Summary
Dynamic Senior Cybersecurity Engineer with extensive expertise at Liberty Mutual Insurance, specializing in SailPoint IIQ and Okta architecture.
Overview
6
6
years of professional experience
Work History
Senior Cybersecurity Engineer – SailPoint IIQ & Okta Architect
Liberty Mutual Insurance
Dallas
05.2023 - 06.2025
- Spearheaded full SailPoint IIQ deployment and maintenance across over 25 enterprise applications in highly regulated environments.
- Designed and configured joiner/mover/leaver lifecycle workflows, incorporating multiple authoritative sources and downstream targets.
- Developed and deployed custom BeanShell rules for identity correlation, policy violation formatting, exclusion logic, and entitlement filtering.
- Managed IQService-based provisioning to Active Directory, enabling dynamic group membership and OU placement based on roles.
- Customized task definitions and scheduled jobs for refresh, aggregation, and account synchronization across Workday, Oracle, and JDBC sources.
- Built complex workflow chaining logic using XML, invoking REST APIs for ticket creation, external approvals, and status callbacks.
- Configured SailPoint Access Review campaigns, including Application Owner, Entitlement Owner, and Manager Certifications, with custom email templates and delegation handling.
- Collaborated in Agile ceremonies, including PI planning, sprint retrospectives, and defect triage across cross-functional identity and compliance teams.
- Mentored junior SailPoint developers; led workshops on plugin deployment, debug logs, Rule execution traceability, and Fiddler-based troubleshooting.
- Created reusable templates for QuickLinks, entitlement catalogs, identity attributes, schema extensions, and task definitions.
IAM Consultant – SailPoint & CyberArk Implementation Expert
Citizens Property Insurance
Jacksonville
05.2021 - 04.2023
- Delivered a complete IdentityNow deployment, integrating Workday as authoritative source and ServiceNow for fulfillment workflows.
- Developed custom integration between SailPoint and Okta, utilizing SCIM for provisioning and SAML for authentication.
- Built advanced IdentityNow access profiles, lifecycle states, email notifications, certification campaigns, and role policies.
- Led CyberArk implementation, configuring Safe creation automation, privileged account onboarding, platform policies, and dual control workflow.
- Executed RACF and UNIX system integrations for both read and write operations via JDBC and file-based provisioning tasks.
- Designed multi-level RBAC roles, including org-level and entitlement-level conditions for population-specific governance.
- Wrote RESTful service adapters for managing external application access provisioning, status updates, and error handling.
- Provided training and transition documentation for in-house IAM team and auditors, including data flow diagrams, approval matrix, and SoD mappings.
IAM/CyberArk Developer – SailPoint IdentityIQ 8.x Delivery
Cleveland Clinic
Cleveland
09.2020 - 05.2021
- Integrated SailPoint IIQ with RACF for provisioning and account correlation across mainframe systems using flat-file and connector-based sync.
- Built custom schedulers in Java to automate user de-provisioning, contractor end-date handling, and HR-driven name-change workflows.
- Executed identity cleansing operations using PowerShell scripts to remove orphaned accounts and align with business roles.
- Rolled out Okta MFA and SSO with seamless login to O365 and internal hospital apps; maintained federation trust via SAML assertions.
- Configured SailPoint plugin modules for enhanced logging, error tracking, and webhook notifications for failed provisioning attempts.
- Created centralized identity dashboards using Power BI, visualizing entitlements, access trends, policy violations, and access review metrics.
SailPoint Security Consultant – Healthcare Governance Specialist
Yale New Haven Health
New Haven
05.2019 - 08.2020
- Designed and implemented full RBAC model including entitlement discovery, role mining, and population modeling across healthcare departments.
- Developed SailPoint IIQ certification workflows, including exception handling, reviewer reassignment, and policy violation challenge path.
- Automated provisioning and de-provisioning logic for AD, LDAP, Office 365, Oracle, and Salesforce using IQService and custom provisioning plans.
- Led the implementation of Okta Universal Directory, configuring group rules, dynamic user provisioning, and OAuth 2.0 trust for APIs.
- Created SOPs, change control logs, audit response documentation, and compliance reports for internal and external regulatory reviews.
- Served as escalation point for SailPoint incidents, performing deep-dive investigations into task failures, entitlement mismatches, and rule exceptions.
Education
Master of Science - Information Technology
University of the Cumberlands
Williamsburg, KYBachelor of Engineering - Computer Engineering
McNeese State University
Lake Charles, LASkills
- SailPoint IIQ
- IdentityNow
- CyberArk
- Okta SSO
- Thycotic
- SAML 20
- OAuth 20
- SCIM
- MFA
- Azure AD
- Okta Universal Directory
- Java
- BeanShell
- PowerShell
- SQL
- XML
- HTML
- JavaScript
- AD
- LDAP
- JDBC
- Oracle
- Workday
- Delimited Files
- Mainframe RACF
- ServiceNow
- Role Mining
- RBAC
- ABAC modeling
- LCM
- SoD Policy Enforcement
- Certification Campaigns
- Custom Rule Development
- API Services
- Web Services Integration
- Linux
- Windows Server
- WebSphere
- Tomcat
- WebLogic
- Agile
- Scrum
- SDLC
- CI/CD Pipelines
- DevOps-aware IAM Delivery
Key Project Highlights
- Onboarded 100+ applications across SailPoint IIQ and IdentityNow using advanced provisioning and approval logic
- Developed and launched 40+ custom rules, 25 workflows, 15 certification campaigns, and dozens of QuickLinks
- Managed 1,000+ CyberArk privileged accounts, implemented PSM recording, dual control, and EPV access governance
- Delivered seamless Okta SSO & MFA rollout for 20,000+ users across internal and SaaS platforms
- Reduced manual provisioning workload by 70% through API automation and lifecycle event triggers
- Guided successful SailPoint version upgrades (7.3 to 8.2) with no user impact and enhanced audit readiness
- Architected complex RBAC structures across departments, aligning 10,000+ entitlements into meaningful business roles
Timeline
Senior Cybersecurity Engineer – SailPoint IIQ & Okta Architect
Liberty Mutual Insurance
05.2023 - 06.2025
IAM Consultant – SailPoint & CyberArk Implementation Expert
Citizens Property Insurance
05.2021 - 04.2023
IAM/CyberArk Developer – SailPoint IdentityIQ 8.x Delivery
Cleveland Clinic
09.2020 - 05.2021
SailPoint Security Consultant – Healthcare Governance Specialist
Yale New Haven Health
05.2019 - 08.2020
Master of Science - Information Technology
University of the Cumberlands
Bachelor of Engineering - Computer Engineering
McNeese State University
Similar Profiles
Patrick KellyPatrick Kelly
Claim Team Manager at State Auto Insurance/Liberty Mutual InsuranceClaim Team Manager at State Auto Insurance/Liberty Mutual Insurance
Lori RinconesLori Rincones
Sales Director at Liberty Mutual Insurance (now Comparion Insurance)Sales Director at Liberty Mutual Insurance (now Comparion Insurance)
Luz Guzman RomanoLuz Guzman Romano
Lead Sales Representative at Liberty Mutual Insurance/Comparion Insurance AgencyLead Sales Representative at Liberty Mutual Insurance/Comparion Insurance Agency
Grant MeierGrant Meier
Claim Manager at State Auto Insurance/Liberty Mutual InsuranceClaim Manager at State Auto Insurance/Liberty Mutual Insurance
Adriana Ortiz DuranAdriana Ortiz Duran
Medical Office Assistant at Md Kids PediatricsMedical Office Assistant at Md Kids Pediatrics