Apply now »

TC-CS-IAM-IMP-One Identity-Staff

Location:  Chennai
Other locations:  Anywhere in Country
Salary: Competitive
Date:  Dec 5, 2024

Job description

Requisition ID:  1550977

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

 

 

 

 

Intermediate Quest One Identity Manager Developer

Role Overview:

An Intermediate Quest One Identity Manager Developer is responsible for complex development and integration tasks within the One Identity Manager platform. This role focuses on custom connector development, advanced workflow configurations, and optimizing synchronization processes for large-scale identity management.

 

Key Responsibilities:

  • Design and implement custom workflows using Designer and Object Browser for complex provisioning tasks, including multi-level approval processes and conditional attribute assignment.
  • Develop and maintain custom connectors for integrating with external systems (e.g., REST APIs, SOAP Web Services, SAP, HR Systems, Azure AD, Oracle), using Synchronization Editor and APIs.
  • Write advanced SQL stored procedures, triggers, and custom queries for data reconciliation and manipulation within One Identity’s database.
  • Configure and optimize Job Service and DBQueue to handle high-volume job processing and resolve performance bottlenecks.
  • Develop complex VBScript and PowerShell scripts to implement business logic (e.g., dynamic role assignments, custom event handling, and email notifications).
  • Implement and configure role mining and role lifecycle management processes, ensuring role compliance and SoD (Segregation of Duties) policy enforcement.
  • Extend the functionality of the Web Portal by customizing the UI forms, adding new fields, and configuring specific approval workflows for access requests.
  • Perform advanced troubleshooting using Job Queue Info, analyzing detailed logs, and debugging synchronization and provisioning failures.
  • Implement and maintain the attestation process, ensuring compliance through periodic certification of user roles and entitlements.
  • Lead efforts to implement custom reporting using SQL Server Reporting Services (SSRS) or One Identity Reporting Module to deliver access governance insights.
  • Integrate One Identity Manager with cloud services (e.g., Azure AD, AWS IAM) and on-prem applications using custom-developed connectors.

 

Technical Requirements:

  • In-depth knowledge of Quest One Identity Manager architecture, including Application Server, Job Server, and Data Governance Edition.
  • Advanced SQL skills for writing stored procedures, views, and triggers.
  • Proficiency in VBScript, PowerShell, and knowledge of One Identity Manager API.
  • Strong experience with Synchronization Editor for developing custom connectors.
  • Deep understanding of Active Directory, LDAP, HR systems, Azure, and other integrated systems.
  • Familiarity with SoD policies, role mining, and advanced RBAC configuration.

 

Senior Quest One Identity Manager Developer/Manager

Role Overview:

A Senior Quest One Identity Manager Developer or Manager is responsible for the overall architecture, design, and delivery of large-scale IAM solutions using One Identity Manager. They lead the design of custom connectors, workflows, role management, and compliance processes, ensuring scalability, performance, and security.

 

Key Responsibilities:

  • Architect and design scalable IAM solutions using Quest One Identity Manager to handle complex identity lifecycle management processes, including HR-driven provisioning, custom entitlements, and federated identity models.
  • Lead the design and development of custom connectors for integration with on-prem and cloud-based applications, using RESTful APIs, SOAP Web Services, and JSON/XML data handling.
  • Implement complex provisioning workflows with multi-step approval processes, dynamic decision-making logic, and condition-based role assignments using One Identity Manager’s Workflow Engine and Object Layer (DalScript).
  • Optimize Job Service and DBQueue configurations to ensure high availability and load balancing in large-scale deployments.
  • Develop custom One Identity Manager Modules, extending the base platform by adding functionality using C# or One Identity Manager Framework (Dialog scripts and custom assemblies).
  • Implement advanced Segregation of Duties (SoD) enforcement mechanisms, including cross-system policy validation, and ensure attestation processes are automated and integrated into the identity governance framework.
  • Lead the configuration and customization of One Identity Manager Web Portal, including designing custom forms, access request pages, and integrating third-party authentication mechanisms (e.g., SAML, OAuth).
  • Develop and implement automated compliance reporting and auditing processes, ensuring all identity governance data is readily available for audits and access certifications.
  • Manage system upgrades, migration of connectors, and perform disaster recovery planning for One Identity Manager infrastructure.
  • Lead the development team, mentor junior developers, and drive best practices in scripting, connector development, workflow design, and system performance tuning.
  • Collaborate with security architects, auditors, and business stakeholders to ensure One Identity Manager meets all security, compliance, and business process requirements.

 

Technical Requirements:

  • Deep understanding of Quest One Identity Manager architecture, including One Identity Manager API, Job Server, Synchronization Engine, and Data Governance Edition.
  • Expertise in SQL Server, with experience in writing complex SQL stored procedures, functions, and views.
  • Advanced scripting skills in VBScript, PowerShell, and C#, with knowledge of building custom connectors and developing modules.
  • Experience in integrating One Identity Manager with cloud platforms (e.g., Azure, AWS), and enterprise applications (e.g., SAP, Oracle, Workday).
  • Knowledge of Role-Based Access Control (RBAC), SoD, and attestation processes.
  • Strong experience with API integration and data synchronization.

Experience leading IAM projects and development teams.

 

EY | Building a better working world 


 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  


 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  


 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.  

Apply now »