Role: - User Access Management (UAM) Team Lead
Location: - King of Prussia, PA REMOTE / Day 1 onsite or Hybrid 3 days onsite, 2 days remote per week preferred
Relevant Experience: 10+ Years
Document End User and Service Account provisioning procedures, including bulk account provisioning, and in compliance with customer security policies, including:
Develop a quick reference guide for the account provisioning SOPs;
Develop a quick reference guide for 3rd party managed applications;
Develop a guide capturing any exception approval processes for business applications
Develop list of target applications
Publish the quick reference guide to a customer central repository;
Obtain approval from the customer designated personnel;
Perform a quarterly review of the SOPs; and
Conduct awareness campaigns in support of OCM activities for End Users to increase SOP adoption rate, improve IAM capabilities and eliminate manual, error-prone access management procedures, including access requests, approvals and reviews.
Perform account provisioning and delegated administration for both End User and Service Accounts, including:
Track access requests using ServiceNow and Saviynt IAM system
Verify all approvals required to provide requested access have been obtained prior to account creation;
Perform user account provisioning in Active Directory and other LDAP directories as required;
Perform manual account provisioning for applications that are not enabled for auto provisioning;
Configure and modify auto provisioning workflows as required to optimize provisioning activities;
Configure and modify existing auto provisioning workflows when requested by customer -designated personnel;
Detect and remove stale, orphaned and duplicate accounts on a monthly basis, after first obtaining approval from customer;
Provide delegated administration privileges and support as required by customer; and
Create communications templates for customer approval, for use when sending emails to requestors or new employee managers as part of provisioning workflows.
Support access governance activities for applications integrated with Saviynt, including:
Provide support as requested for the recertification process for all applications enabled with auto ID provisioning for temporary End Users;
As required by customer, provide periodic reports on which users have access to auto-provisioned Applications;
Ensure that proper access is enabled for all users in accordance with the feedback received from customer reviewers on the list described in paragraph (ii) above; and
Reconcile identities with identity status (i.e., active, inactive) between HR system and Saviynt
Maintain a base level of access administration knowledge of the specific business applications
Conduct periodic reviews, as appropriate, to validate that individual employee and Service Account access to programs and libraries is appropriate for Provider-operated Systems, notifying Customer of any discrepancies promptly
Perform de-provisioning processes daily for both End User and Service Accounts based upon customer-provided termination list.
Perform End User and Service Accounts clean up based on the accounts list shared by IT security compliance and Identity Governance team
Dormant Accounts
Orphan Accounts
Duplicate Accounts
Test Account
Develop and maintain the ability to de-provision End User and Service Accounts (emergency termination) within 3 hours of notification from customer.
Provide weekly, fortnightly and monthly status report
Provide ad hoc reports as required to internal customer teams, including user access at organization or Application level, periodic end-to-end user reconciliation (e.g., match users and user access to HR System active users).
By signing in to your account, you agree to Bestjobs.jp's Terms of Service and consent to our Privacy Policy.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.