User Access Management UAM Team Lead

Role: User Access Management (UAM) Team Lead
Location: King of Prussia PA REMOTE / Day 1 onsite or Hybrid 3 days onsite 2 days remote per week preferred

Relevant Experience: 10 Years

• Coordinate with Business understand requirement and work with technical teams to define access management work flows
• Should be able to identify access management workflow enhancements/improvements and work on them

• Follow SOP instruction for manual user access provisioning deprovisioning recertification

Document End User and Service Account provisioning procedures including bulk account provisioning and in compliance with customer security policies including:

Develop a quick reference guide for the account provisioning SOPs;

Develop a quick reference guide for 3rd party managed applications;

Develop a guide capturing any exception approval processes for business applications

Develop list of target applications

Publish the quick reference guide to a customer central repository;

Obtain approval from the customer designated personnel;

Perform a quarterly review of the SOPs; and

Conduct awareness campaigns in support of OCM activities for End Users to increase SOP adoption rate improve IAM capabilities and eliminate manual errorprone access management procedures including access requests approvals and reviews.

Perform account provisioning and delegated administration for both End User and Service Accounts including:

Track access requests using ServiceNow and Saviynt IAM system

Verify all approvals required to provide requested access have been obtained prior to account creation;

Perform user account provisioning in Active Directory and other LDAP directories as required;

Perform manual account provisioning for applications that are not enabled for auto provisioning;

Configure and modify auto provisioning workflows as required to optimize provisioning activities;

Configure and modify existing auto provisioning workflows when requested by customer designated personnel;

Detect and remove stale orphaned and duplicate accounts on a monthly basis after first obtaining approval from customer;

Provide delegated administration privileges and support as required by customer; and

Create communications templates for customer approval for use when sending emails to requestors or new employee managers as part of provisioning workflows.

Support access governance activities for applications integrated with Saviynt including:

Provide support as requested for the recertification process for all applications enabled with auto ID provisioning for temporary End Users;

As required by customer provide periodic reports on which users have access to autoprovisioned Applications;

Ensure that proper access is enabled for all users in accordance with the feedback received from customer reviewers on the list described in paragraph (ii) above; and

Reconcile identities with identity status (i.e. active inactive) between HR system and Saviynt

Maintain a base level of access administration knowledge of the specific business applications

Conduct periodic reviews as appropriate to validate that individual employee and Service Account access to programs and libraries is appropriate for Provideroperated Systems notifying Customer of any discrepancies promptly

Perform deprovisioning processes daily for both End User and Service Accounts based upon customerprovided termination list.

Perform End User and Service Accounts clean up based on the accounts list shared by IT security compliance and Identity Governance team

Dormant Accounts

Orphan Accounts

Duplicate Accounts

Test Account

Develop and maintain the ability to deprovision End User and Service Accounts (emergency termination) within 3 hours of notification from customer.

Provide weekly fortnightly and monthly status report

Provide ad hoc reports as required to internal customer teams including user access at organization or Application level periodic endtoend user reconciliation (e.g. match users and user access to HR System active users).

• Proficiency in deploying and configuring access management tools and technologies such as Active Directory LDAP Azure AD Okta SailPoint CyberArk etc.
• Strong understanding of regulatory compliance requirements (e.g. GDPR HIPAA PCI DSS SOX) and security frameworks (e.g. NIST ISO 27001) related to access control and identity governance.
• Excellent analytical and problemsolving skills with the ability to assess complex access control issues identify root causes and propose effective solutions.
• Effective communication and interpersonal skills with the ability to collaborate with diverse stakeholders and articulate technical concepts to nontechnical audiences.
• Relevant certifications such as CISSP CISM CISA CompTIA Security or vendorspecific IAM certifications are a plus.
• Must be proficient in MS Excel or PowerBI
• Experience in managing mid to large size team.