Job Description

IAM Discovery Analyst – Job Description

Role Overview

The IAM Discovery Analyst is a critical role responsible for discovery, analysis, and documentation of enterprise identity ecosystems. The role focuses on identity source discovery, lifecycle mapping, access analysis, and stakeholder-driven documentation to enable robust IAM transformation programs.

This role acts as the foundation for identity governance by establishing visibility across identities, applications, access patterns, and lifecycle processes.

Key Responsibilities

· Lead identity source discovery across AD, LDAP, Microsoft Entra ID, and cloud IAM environments; onboard and normalize identity datasets

· Discover and catalogue enterprise applications, authentication flows, and access pathways; map identity-to-application relationships

· Develop end-to-end Joiner–Mover–Leaver (JML) lifecycle documentation with strong technical writing aligned to audit/compliance needs

· Lead stakeholder workshops (HR, IT, Security, Business) to capture identity flows, access requirements, and process gaps

· Perform HRIS–IAM integration mapping including data flows, attributes, triggers, and provisioning workflows

· Analyze access patterns (roles, entitlements, usage) to establish baseline access models and optimization opportunities

· Correlate and normalize identity data across systems; eliminate duplicates and identify orphan/shadow accounts

· Support RBAC/ABAC role modeling and role mining initiatives using access and attribute insights

· Enable automated discovery using APIs (REST, SCIM) and connectors

· Identify identity risks (excessive access, toxic combinations, privilege creep) and recommend remediation actions

· Develop CISO-ready dashboards (coverage %, orphan accounts, privilege exposure, onboarding gaps)

· Work with IGA tools such as SailPoint IdentityNow, Saviynt, or similar platforms

Additional Key Expectation (Critical for Hiring):

· Strong Business Analyst orientation with ability to translate business processes into IAM constructs

· Proven experience in Wealth Management domain (client onboarding, advisor access, portfolio systems, regulatory controls)

· Ability to bridge business, compliance, and technology for identity lifecycle and access governance design

Bottom of Form

Qualifications & Experience

• 6–10 years of experience in IAM, Identity Governance, or Security Engineering 

• Proven experience in large IAM discovery or transformation projects 

• Strong experience in identity lifecycle documentation and technical writing 

• Experience in HRIS integration and enterprise process mapping 

• Experience in leading stakeholder workshops 

Technical Skills

• Identity source discovery (AD, LDAP, Entra ID, Cloud IAM) 

• Application inventory mapping and access discovery 

• Data correlation, normalization, and identity reconciliation 

• RBAC/ABAC understanding and role mining 

• API (REST, SCIM) and connector knowledge 

• Identity lifecycle (JML) mapping 

• Risk and anomaly identification 

• IAM tooling exposure (SailPoint, Saviynt, etc.) 

• Reporting and dashboarding 

Certifications

Must-have:

• SailPoint IdentityNow / IdentityIQ Certifications 

• Microsoft IAM Certification (SC-300 or equivalent) 

Good-to-have:

Okta Certifications , CyberArk Certifications , Cloud Certifications (AWS / Azure / OCI) 

Strategic: CISSP , CIAM ,• CIGE 

Soft Skills

• Strong analytical and problem-solving skills 

• Excellent communication and documentation capability 

• Ability to engage C-level stakeholders 

• Structured thinking and workshop facilitation capability 

Work Location

Austin US

Job Tags

Similar Jobs