Professional Summary:
1. Designed and implemented robust IAM solutions spanning the full identity lifecycle
across multi-cloud (AWS, Azure, Google Cloud) and hybrid environments, focusing on
scalability, compliance, and security. Led IAM architecture in enterprise banking
settings, supporting millions of identities.
2. Deployed and managed enterprise-wide Identity Provider (IdP) solutions using Okta
(Universal Directory, Adaptive MFA, SSO) and Ping Identity. Configured identity
federation with SAML 2.0, OAuth 2.0, and OIDC to streamline cross-domain
authentication for workforce and partners.
3. Integrated complex hybrid and on-prem directories by connecting Microsoft Active
Directory (AD) to Azure AD using Azure AD Connect and Microsoft Identity Manager
(MIM). Enabled seamless identity synchronization and single identity source across
multiple ecosystems.
4. Engineered adaptive Multi-Factor Authentication (MFA) and Conditional Access
policies across Okta and Azure AD to support Zero Trust security posture. Configured
SSO with risk-based access to protect sensitive workloads while ensuring frictionless
user experience.
5. Implemented scalable Identity Governance solutions using SailPoint IdentityIQ and
IdentityNow, automating joiner-mover-leaver processes. Delivered enterprise-wide
governance through real-time policy enforcement, identity intelligence, and access
certifications.
6. Led Access Management initiatives aligned to compliance frameworks by
implementing Role-Based Access Control (RBAC), Segregation of Duties (SoD), and
periodic access reviews. Automated access request workflows to reduce risk and improve
user experience.
7. Established and operationalized Privileged Access Management (PAM) controls
using CyberArk components including EPV, PSM, and CPM. Also integrated
BeyondTrust to monitor privileged user behavior, secure credentials, and enforce least
privilege principles.
8. Developed secure secrets management strategies using HashiCorp Vault and
CyberArk AIM, eliminating hardcoded credentials in applications and pipelines. Built
automated workflows for secrets injection in runtime environments and audit logging.
9. Implemented advanced PAM features like Just-In-Time (JIT) access, ephemeral
credentials, session isolation, session recording, and break-glass access, ensuring all
privileged activity was tracked and compliant with audit standards.
10. Delivered enterprise-grade Customer Identity and Access Management (CIAM)
solutions using Okta CIAM to support secure, seamless access for B2C and B2B user
populations. Enabled user-friendly flows with social login, self-service registration, and
passwordless access.
11. Built intelligent CIAM workflows with progressive profiling, consent management, and
adaptive MFA to meet GDPR and CCPA/CPRA privacy regulations while improving
customer experience and fraud resistance.
12. Configured and supported a wide range of authentication and federation protocols
including SAML 2.0, OAuth 2.0, OIDC, LDAP, and Kerberos. Ensured interoperability
of cloud-native and legacy applications during digital transformation initiatives.
13. Automated identity provisioning and governance using SCIM, RESTful APIs,
JSON/JWT, and Microsoft Graph API to integrate IAM platforms with HRMS, CRM,
and ticketing systems for real-time identity and access updates.
14. Developed governance strategies aligned with NIST, ISO 27001, SOX, PCI DSS,
GDPR, and CPRA. Embedded IAM controls into enterprise GRC frameworks, enabling
consistent compliance reporting and reduced audit findings.
15. Integrated IAM platforms with SIEM tools like Splunk and Azure Sentinel to
centralize log collection, enable real-time alerts, and power UEBA for behavioral
anomaly detection. Interfaced IAM events with GRC tools for continuous compliance.
16. Managed cloud-native IAM components in AWS, Azure, and GCP, including IAM
policies, service accounts, and cross-account federated roles. Configured identity
federation with third-party SaaS and enabled centralized governance via AWS Control
Tower and Azure AD B2B.
17. Built automation workflows using Okta Workflows, PowerShell, and Python to
streamline user onboarding, offboarding, access reviews, and compliance checks. Created
automated reports for auditors and GRC stakeholders.
18. Integrated IAM into DevSecOps pipelines using Infrastructure as Code (Terraform,
Ansible) and CI/CD tools (Jenkins, Azure DevOps), embedding IAM configuration and
access control validation into build and release workflows.
Work Experience:
AT&T, Dallas, TX March 2024 - Present
Role: Senior IAM ENGINEER
Managed enterprise-grade Identity & Access Management (IAM) systems by integrating
Okta, Azure AD, and Active Directory (AD) with hybrid identity strategies to support
on-premises and cloud-native infrastructures.
Handled Directory Services & Identity Providers (IdPs) combining Okta Universal
Directory, Microsoft Identity Manager (MIM), and LDAP to support scalable, secure
authentication ecosystems across Microsoft 365 and Azure.
Rolled out Single Sign-On (SSO) and Multi-Factor Authentication (MFA) mechanisms
across Microsoft 365, Salesforce, Azure DevOps, and ServiceNow, leveraging OAuth
2.0, OpenID Connect (OIDC), and SAML 2.0 protocols with Okta as the identity broker.
Worked on Customer Identity & Access Management (CIAM) platforms using Okta
CIAM and Okta CIC, implementing features like progressive profiling, social login
integration, and passwordless authentication (FIDO2/WebAuthn).
Applied Consent & Preference Management aligned with GDPR, CCPA/CPRA, and ISO
27001/27018, utilizing Microsoft Azure localization, Okta self-service registration, and
branding customization for customer-facing applications.
Worked on Federation Protocols including SAML 2.0, WS-Federation, WS-Trust, and
OAuth 2.0, with Microsoft Azure AD and Okta Federation Hub to secure communication
between services.
Set up SCIM provisioning for third-party SaaS platforms via Okta, integrating real-time
user sync with Microsoft 365, ServiceNow, and Workday, while also using Microsoft
Graph API for orchestration.
Set up Cloud IAM Services integrating Okta, Azure AD, Google Cloud Identity, and
Microsoft Defender for Cloud, enabling secure entitlement management across a
multi-cloud environment.
Served as an IAM SME for multi-tenant SaaS Federation, consolidating
cross-organization access via Microsoft Conditional Access, Okta Universal Directory, and
OAuth 2.0 federation rules.
Put together compliance dashboards and fed identity logs to SIEM platforms like Splunk,
QRadar, and Azure Sentinel, enabling log correlation and behavioral analytics to support
GRC initiatives.
Set up Identity Governance & Administration (IGA) platforms using SailPoint IdentityIQ
and Okta integrations, enabling automated identity lifecycle management, provisioning,
and deprovisioning workflows.
Took care of Privileged Access Management (PAM) solutions using BeyondTrust
integrated with Okta directory groups, focusing on Break Glass Access Control, Secrets
& Vaulting, and threat analytics for privileged sessions.
Wrote scripts in PowerShell and Python (Boto3) and created Terraform/Ansible modules
to automate user provisioning and deploy secure IAM blueprints using Infrastructure as
Code (IaC) within Azure DevOps pipelines.
Automated IAM tasks using Okta Workflows, Microsoft Power Automate, and Azure
Logic Apps to drive manager-based approvals, dynamic user assignments, and reduce
manual overhead.
Cigna Project Experience: OKTA IAM DEVELOPER
Engineered and managed enterprise-grade Identity & Access Management (IAM)
solutions by integrating Okta, AWS IAM, and Active Directory (AD) to create a
unified, secure access fabric across hybrid cloud environments.
Built and streamlined directory services by integrating Okta Universal Directory and
Microsoft Identity Manager (MIM) with AWS Directory Service, ensuring seamless
identity synchronization and interoperability.
Deployed and administered robust Single Sign-On (SSO) and Multi-Factor
Authentication (MFA) solutions using Okta, AWS SSO, and Adaptive MFA for SaaS
applications including Salesforce, Workday, and Microsoft 365.
Architected and optimized customer-facing identity solutions using Okta CIAM and
AWS Cognito, implementing advanced features like Self-Service Registration, Social
Login, and Progressive Profiling.
Established robust Identity Proofing & Verification workflows using Acuant/Socure
within Okta-integrated flows, enhancing fraud detection and supporting localization
(i18n) for global user bases on AWS.
Established secure Identity Federation using OAuth 2.0, SAML 2.0, and OpenID
Connect (OIDC) with Okta and AWS IAM Identity Center, enabling secure access for
multi-tenant SaaS and B2B/B2C integrations.
Developed automated IAM provisioning and reconciliation processes using SCIM and
Microsoft Graph API, leveraging Okta, AWS Lambda, and Terraform to ensure
identity consistency at scale.
Governed cloud access by auditing Cross-Account IAM Roles and entitlements using
AWS IAM Identity Center, Okta Universal Directory, and AWS Config to detect
policy drift and maintain consistency.
Designed and enforced a Zero Trust Architecture by implementing layered access
controls and contextual policy evaluation with Okta, AWS IAM, and Google Cloud
Identity to minimize the attack surface.
Ensured adherence to GDPR, ISO 27001, and NIST standards by integrating Okta audit
trails with SIEM platforms like Splunk and QRadar, and creating compliance
dashboards in AWS QuickSight.
Implemented core IGA processes using Saviynt and Okta, automating Identity Lifecycle
Management, Access Request Workflows, and Access Reviews & Certification
Campaigns in the AWS cloud.
Deployed and secured Privileged Access Management (PAM) workflows using
CyberArk, managing secrets vaulting, credential rotation, and break-glass access across
Okta-integrated AWS IAM roles while monitoring sessions with UEBA tools.
Automated the deployment of IAM policies and artifacts using Infrastructure as Code
(IaC) with Terraform, Jenkins, and AWS CodePipeline, and wrote custom automation
scripts in Python (Boto3) and PowerShell.
Leveraged Okta Workflows for low-code automation to orchestrate complex identity
processes, such as approval flows and access requests, integrated with platforms like
ServiceNow and Salesforce.
Morgan Stanley Project Experience: OKTA IAM ENGINEER
Built and managed a hybrid IAM ecosystem using Okta, Azure AD, and Microsoft
Identity Manager (MIM) to centralize access control and federate identities between
on-premises Active Directory and Azure.
Enabled seamless SSO by integrating OAuth 2.0, OpenID Connect (OIDC), and
SAML 2.0 across internal applications and third-party services using Okta and Azure
Enterprise Applications.
Implemented robust passwordless and Multi-Factor Authentication (MFA) policies using
FIDO2, WebAuthn, and Okta Adaptive MFA within the Azure AD environment to
enhance security posture.
Delivered scalable CIAM platforms leveraging Okta CIAM and Azure AD B2C,
enabling features like consent and preference management aligned with GDPR/CCPA
standards.
Plugged in identity proofing and user verification processes with platforms like Socure
and Acuant, embedding them into secure, Azure-hosted customer onboarding journeys.
Engineered identity federation for B2B/B2C scenarios across Azure AD, Okta CIAM,
and Auth0, creating robust identity broker flows to unify authentication across different
regions and partners.
Designed and configured secure machine-to-machine (M2M) communication using
X.509 certificates and PKI-based access control for CI/CD pipeline executions across
Okta and Azure DevOps.
Enabled secure third-party and cross-organizational access by configuring cross-account
IAM roles and cloud entitlement federation using Okta and Azure AD.
Rolled out a Zero Trust Architecture using Microsoft Entra Conditional Access, the
Okta Policy Framework, and Azure Network Segmentation strategies to enforce
granular access controls.
Aligned the identity program with NIST CSF, ISO 27001, and GDPR by leveraging
Okta and Azure Policy integrations and building compliance dashboards in Azure
Monitor and Splunk.
Automated access reviews, certification campaigns, and attestation workflows using
SailPoint IdentityNow, Okta, and Azure Governance tools to support enterprise
compliance initiatives.
Orchestrated Privileged Access Management (PAM) using BeyondTrust, Okta, and
Azure Bastion, integrating secrets vaulting with Azure Key Vault and defining approval
chains for high-risk operations.
Automated CI/CD pipelines by integrating Okta SDKs with Jenkins, Azure DevOps,
and PowerShell scripts to ensure continuous and secure deployment of identity policies.
IDBI Intech Project Experience: IAM Engineer
Implemented core Identity & Access Management (IAM) solutions by using Okta to
integrate on-premises Active Directory (AD) with Google Cloud, centralizing
authentication for users and applications.
Set up and managed Okta Universal Directory to act as a central hub, synchronizing
user identities from multiple sources to create a single source of truth for the enterprise.
Contributed to building Single Sign-On (SSO) and Multi-Factor Authentication (MFA)
strategies, configuring Okta access policies for step-up and Risk-Based Authentication
(RBA) across Google Workspace.
Handled application integrations using standard federation protocols like OpenID
Connect, SAML 2.0, and OAuth 2.0 to securely connect enterprise apps to cloud
services through the Okta Identity Engine.
Worked on automating user lifecycle management by configuring SCIM-based
provisioning from Okta to SaaS applications like Salesforce and Workday, ensuring
user access was always in sync.
Helped enforce compliance with NIST frameworks by integrating Okta System Logs
and Google Cloud Logging with the company's SIEM platform (QRadar) for
continuous monitoring and alerting.
Assisted in aligning data handling processes with GDPR and ISO 27001 compliance
standards for applications and user data hosted on the Google Cloud Platform (GCP).
Helped implement identity federation strategies using Okta to manage secure, role-based
access for users and groups into the Google Cloud environment and other connected
applications.
Worked on projects integrating Okta's CIAM platform to support customer-facing
features like Self-Service Registration, social logins, and Progressive Profiling.
Used SailPoint IdentityIQ as the primary IGA platform to configure Role-Based Access
Control (RBAC) models and govern access for identities managed within Okta and
Google IAM.
Wrote automation scripts using Python and PowerShell, leveraging the Google Cloud
SDK, to orchestrate user provisioning and streamline identity-related workflows.
HCL Project Experience: IAM SOLUTION Engineer
Assisted in building and managing Identity & Access Management (IAM) frameworks
using Okta and AWS IAM to help centralize user identities and define foundational
IAM roles and policies.
Gained experience by setting up integrations for Directory Services, connecting Okta
Universal Directory with on-premises Active Directory (AD) using Microsoft Identity
Manager (MIM).
Contributed to the implementation of conditional access policies and Risk-Based
Authentication (RBA) by learning and applying Okta’s Adaptive MFA within AWS
Cognito-backed applications.
Learned and applied knowledge of SAML, OAuth 2.0, and OpenID Connect (OIDC) to
assist in the integration of enterprise applications, supporting SSO functionalities on
Okta and AWS platforms.
Supported identity reconciliation workflows by learning to use SCIM and RESTful APIs,
which helped reduce orphaned accounts between Okta and AWS SSO.
Helped build controls to enforce GDPR and HIPAA compliance by assisting with access
certification campaigns and policy-driven reviews using the Okta Policy Framework.
Gained foundational experience in audit support by gathering logs from AWS
CloudTrail and Okta System Logs for analysis in SIEM tools like Splunk and
QRadar.
Assisted senior engineers in provisioning cloud IAM resources using infrastructure as
code patterns to establish basic roles and federated identity bridges between AWS IAM
and the Okta Identity Cloud.
Contributed to the design of Customer Identity & Access Management (CIAM)
blueprints, integrating Okta CIAM with OAuth 2.0 to authenticate external users on
AWS-hosted services.
Assisted with the implementation of Role-Based Access Control (RBAC) by helping with
role engineering strategies to manage access provisioning and deprovisioning workflows
in Okta and AWS.
Developed foundational scripting skills by writing basic PowerShell and Python (Boto3)
scripts to automate simple, repetitive user provisioning and directory synchronization
tasks.