IAM Analyst(Saviynt)-Senior Associate-Cyber Managed services -consult

Industry/Sector

Not Applicable

Specialism

Managed Services

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

In cybersecurity incident management at PwC, you will focus on effectively responding to, and mitigating, cyber threats, maintaining the security of client systems and data. You will be responsible for identifying, analysing, and resolving security incidents to minimise potential damage and protect against future attacks.

Focused on relationships, you are building meaningful client connections, and learning how to manage and inspire others. Navigating increasingly complex situations, you are growing your personal brand, deepening technical expertise and awareness of your strengths. You are expected to anticipate the needs of your teams and clients, and to deliver quality. Embracing increased ambiguity, you are comfortable when the path forward isn’t clear, you ask questions, and you use these moments as opportunities to grow.

Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to:

• Respond effectively to the diverse perspectives, needs, and feelings of others.
• Use a broad range of tools, methodologies and techniques to generate new ideas and solve problems.
• Use critical thinking to break down complex concepts.
• Understand the broader objectives of your project or role and how your work fits into the overall strategy.
• Develop a deeper understanding of the business context and how it is changing.
• Use reflection to develop self awareness, enhance strengths and address development areas.
• Interpret data to inform insights and recommendations.
• Uphold and reinforce professional and technical standards (e.g. refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements.

Cyber Data & Tech Risk Managed Services JD

• IAM POD (L3/ L4)
• Sr Associate
• A career at PwC Cyber Data & Tech Risk Managed Services offers you the opportunity to deliver strategic cybersecurity solutions that safeguard our clients’ critical business and data assets. As an engineer, the IAM Engineer is responsible for the end-to-end delivery, engineering, and operational support of Identity and Access Management (IAM) capabilities across enterprise client environments. This role focuses on Identity Governance & Administration (IGA), Privileged Access Management (PAM), and Access Management (AM), driving secure identity lifecycle processes, automation, and continuous improvement while ensuring governance, compliance, and audit readiness.
• You will collaborate closely with clients, internal stakeholders, and global experts to drive cyber resilience, regulatory compliance, and innovation. You will provide hands-on technical delivery, operational excellence, and continuous improvement across cyber managed services programs.
• Share and collaborate effectively with others, creating a positive team spirit.
• Identify and make suggestions for improvements when problems and/or opportunities arise.
• Validate data and analysis for accuracy and relevance.
• Follow risk management and compliance procedures.
• Keep up to date with developments in my area of specialty
• Communicate confidently in a clear, concise and articulate manner - verbally and in written form.
• Seek opportunities to learn about the wider economy alongside the business models/corporate governance and/or regulatory environment of our clients
• Uphold the firm's code of ethics and business conduct
• Basic Qualifications:
• Degree Required: Bachelors or masters
• Minimum Years of Experience: Over 5 to 8 years of hands-on IAM implementation, and operations support
• Preferred Knowledge/Skills: Relevant experience in end-to-end support of IAM services and certifications like CISSP, CISM, CISA, GIAC (GCIH, GSEC, GCIA), CCSP, or equivalent is desirable.
• Certifications specific to IAM are an advantage.
• IGA (SailPoint IIQ)
• SailPoint Certified IdentityIQ Engineer
• IGA (SailPoint ISC)
• SailPoint Certified Identity Security Engineer (Cloud)
• IGA (Saviynt)
• Saviynt Certified IGA Professional (SCIP)
• PAM(CyberArk)
• Cyberark CDE
• PAM (Delinea)
• Delinea Secret Server
• AM (Okta)
• Okta Certified Professional
• AM (Ping)
• Ping Federate Professional
• AM (Ping)
• Ping Directory Professional
• AM (Ping)
• Ping Identity Professional
• Demonstrates knowledge and/or a proven record of success in one or more of the following areas:

Identity Governance and Administration

• Configuring, administering, and supporting Identity Governance and Administration (IGA) tools such as SailPoint ISC/IIQ, Saviynt, or equivalent platforms.
• Implementing and optimizing access request management, approval of workflows, and automated provisioning/de-provisioning processes to enhance efficiency and governance adherence.
• Applying user lifecycle management best practices including role-based access control (RBAC), segregation of duties (SoD), and least privilege principles aligned to client policy and regulatory requirements.
• Managing identity workflows, role and entitlement models, and access approval processes tailored to client-specific business needs and compliance requirements.
• Performing periodic access reviews/certifications, supporting remediation activities, and maintaining audit-ready evidence for IAM controls and processes.
• Having experience in integrating applications with IGA solutions.

Privileged Access Management (PAM)

• Administering Privileged Access Management (PAM) solutions including CyberArk, Delinea, ensuring secure privileged account onboarding, credential rotation, session management, and policy enforcement.
• Strong knowledge of CyberArk solutions, including PAM, PAS, Cloud, and other related modules (PTA, EPM, Alero, etc).
• Experience in Secrets Server administration and policy management.
• Experience in the upgrade of the CyberArk or Delinea PAM components.
• Provide overall direction and oversight into the PAM functions across the organization, including Password Vaulting of elevated user and application service accounts.
• Coordination with infrastructure, security, and application teams for privileged access controls
• Well versed with automation scripts in Rest-API.
• Knowledge on customization of CyberArk Platforms, Connectors/Plugins (with AutoIT/Shell Scripting) and good knowledge on auto-detection configuration and usage of Discovery Scanning tools.

Access Management (AM)

Supporting Access Management (AM) capabilities including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federation protocols (SAML, OAuth, OpenID Connect) using platforms such as PingID, Okta, Microsoft Entra ID, or equivalent. Advanced knowledge of identity federation, Single Sign-On (SSO), and Multi-Factor Authentication (MFA) solutions. Strong understanding of IAM concepts and protocols (SAML, OAuth, OpenID Connect). Experience with Enterprise Provisioning, Roles based Access Controls, Single-Sign On, external and internal federation and systems integration. Knowledge of regulatory compliance requirements related to identity management (e.g., GDPR, HIPAA). Proficiency in integrating IAM solutions with a wide range of applications and platforms. Experience with APIs, SDKs, and automation scripting (e.g., Python, PowerShell) for complex IAM workflows. Demonstrates knowledge and/or a proven record of success in the following areas: Owning incident, problem, and change management activities related to IAM/PAM services, following ITIL practices and using service management platforms such as ServiceNow and Jira. Developing and maintaining operational documentation, runbooks, knowledge articles, and standard operating procedures (SOPs) to enable consistent delivery and audit readiness. Driving automation and integration using scripting (PowerShell, Python, Ruby), REST APIs, and tooling (e.g., Postman) to reduce manual effort and improve service reliability. Collaborating cross-functionally with IT security, risk, compliance, and application owners to onboard systems and validate secure integrations into the IAM architecture. Monitoring service health, support SLA adherence, perform root cause analysis (RCA) for recurring issues, and recommend continuous improvements. Responsibilities: Service Delivery & Operations Provide operational support for IGA, PAM, and AM platforms including monitoring, troubleshooting, and break/fix. Execute standard changes (new app onboarding, connector configuration, policy updates) and support platform upgrades and patching activities under change control. Participate in on-call rotations and major incident responses for IAM services, coordinating with stakeholders until resolution. Maintain accurate ticket updates, communication, and documentation to ensure timely resolution and customer satisfaction. Handle L3 escalations for IAM incidents and complex service requests, driving technical triage and resolution. Lead complex application onboarding, including requirements of gathering, integration design, connector configuration, and end-to-end validation. Engineering, Automation & Continuous Improvement Design and implement repeatable automation for joiner/mover/leaver processes, privileged access onboarding, and access review remediation using scripts and APIs. Create dashboards/metrics to track operational performance (ticket trends, SLA compliance, access review completion, privileged account coverage) and identify improvement opportunities. Contribute to platform hardening, configuration standards, and secure-by-default patterns for IAM services. Provide architecture guidance and solution design for IAM capabilities and integrations, aligning to target-state architecture and security standards. Deliver strategic recommendations and roadmaps for IAM tooling, automation, and process improvements based on risk, compliance, and operational insights. Plan and execute IAM tool migrations and platform transitions (including upgrades and consolidations), ensuring controlled cutover, minimal disruption, and stakeholder readiness. Governance, Compliance & Reporting Ensure IAM activities are executed in accordance with PwC policies, client governance frameworks, and applicable regulatory requirements. Support audits by producing evidence of IAM controls, process adherence, and remediation actions; maintain traceability for access approvals and certifications. Assist in preparing periodic status reports and operational summaries for client and internal stakeholders. Tools Knowledge: Identity & Access Management: Active Directory, SailPoint Identity Now IIQ/ISC, CyberArk, Saviynt, Ping Access/Federate, Microsoft Entra ID, Okta, ForgeRock Scripting & Automation: PowerShell, Python, Ruby, REST APIs Support & Management Platforms: ServiceNow, Jira, Git Databases & Protocols: SQL (MSSQL/Oracle), Java fundamentals, SAML, OAuth, OpenID Connect Utilities: Postman, Putty, WinSCP

Travel Requirements

Not Specified

Job Posting End Date