Discover Technata Job board

Find your next tech job in Kanata North, Canada’s largest technology park. Then explore endless international opportunities and dream about where your career will take you. With the Country’s largest density of technology companies ranging from promising startups to leading global giants, Kanata North is the place to be if you are serious about a career in tech.

Identity and Access Management



Bengaluru, Karnataka, India
Posted on Thursday, May 25, 2023

Position Description:

Role: Identity and Access Management (Senior Systems Engineer)
Experience: 9-11 Years
Skillset: L3

• Working knowledge on Tools: OKTA, OIM, CyberArk, Active Directory, Workday, Mimecast, Fortigate firewall, Ivanti, OKTA MFA and Azure MFA, Fortinet VPN (RADIUS), Citrix (RADIUS), ForgeRock
• Extensive knowledge in areas:
o NIST CSF Framework
o Global workforce identity management supporting bulk users.
o Privileged access management (domains, servers, databases, etc.)
o Global customer identity management
o Consent & preference management for Users
o 3rd party identity management for vendors
o PKI management / 3rd party SSL certificates
o Audit compliance (NIS, GDPR, ICFR)
o Digital password vaulting solutions
• Experience with Privileged Identity Access Management Solutions and related technologies
• Routine housekeeping of AD and systems under support purview
• Identity and Access Management architecture experience
• Knowledge on how to design, develop, deploy and support IDM solutions for the IDM Group
• One-time password, Risk-based access and other Multi-Factor Authentication features of IAM strategies.
• Knowledge on Oracle Internet Directory/Oracle Virtual Directory, Sun Directory, Active Directory, Tivoli Directory, Novell Directory Server & CA Directory
• Working knowledge of IAM integration using REST, JAVA etc.
• Knowledge in web services, XML, SOAP and JMS.
• Experience with Database (Oracle, MSSQL, MySQL etc), Directories (LDAP, Active Directory), Design document, Test case development.
• Experience with Application Servers (WebLogic / WebSphere / Tomcat / Apache).
• Experience in integration of JDBC, Active Directory, Exchange, SAP, ERP etc
• Knowledge of identity and access management solutions and models (SSO, SAML, WS-Fed, provisioning, recertification, SCIM, OAuth, Kerberos).
• Creating and managing application integrations for identify and access management.
• Experience with Design document, Test case development.
• Knowledge on testing the application Various methods and deploy the application into cloud.
• Experience in the following areas: single sign-on, enterprise directory architecture and design, directory schema, namespace, replication topology, resource provisioning, role-based access Control, user lifecycle.
• Providing/presenting migration statistics, issues/resolution, and deliverables to leadership, detailing user, group, and physical device success percentages, tracking milestones for what had been migrated or was still in need of migration.
• Knowledge in web services, XML, SOAP and JMS.
• Manual or automated account on-boarding (on-board secrets or create groups)
• Experience in Business Systems Analysis, Remote infrastructure management
• Ability to support APIs and other interfaces with tools owned by various organizations
• One-time password, Risk-based access and other Multi-Factor Authentication features of IAM strategies.
• Generate and publish routine reports as per client requirements.
• Ability to translate security standard and business logic into product policies, workflows, configuration, and custom code development.
• Day to day steady state support of the in-scope Identity Provisioning tools
• Create and Maintain support documentation.
• Client facing and presentation skills.
• Knowledge on the Support life cycle.
• Excellent written, oral communication skills, credibility, interpersonal skills and ability to work with global counterparts.
• Strong leadership skills
• Training and product demos
• Analyze server to application mapping
• Maintain asset inventory
• Conduct privileged account review
• Track privileged account clean up
• Collect and maintain requirements
• Accountable for Stakeholder analysis and maintenance
• Develop Use Cases

OIM Related activities identical to Azure AD, OKTA or CyberArk

Azure AD:
• Should manage Microsoft Identity Management products (Active Directory, Active Directory Federation Services, and Azure, AD Connect, Office 365).
• Managing Identity Access management of Azure Subscriptions, Azure AD, Azure AD Application Proxy, Azure AD Connect, Azure AD Pass Through Authentication
• Having Experience of Creating conditional Access policies Multifactor authentication (MFA), Resetting MFA and Resolving the MFA issues.
• Familiarity in the following areas: single sign-on, enterprise directory architecture and design, directory schema, namespace, replication topology, resource provisioning, role-based access Control, user lifecycle
• Successfully established and tested Azure AD Tenant for production. Provided technical direction to allow Active Directory on-Prem group to populate users.
• Experience in Syncing the Objects Users, Groups, Workstation from active directory to azure active directory.
• Active Directory Federation Services (ADFS), SAML, web Single Sign-on (SSO), OAuth and related authentication technologies.
• Assist in the scripting of AD user and contact object updates using PowerShell to facilitate synchronization to Azure AD.
• Experience in Various Powershell module (Azure ad, Active Directory and exchange online)
• Having Experience of troubleshooting of user account provisioning between legacy Client directories and CSC active directories and LDAP directories
• Experience Configuring and managing AzureAD Connect, AzureAD Connect health, Microsoft Azure Active Directory.
• Provide end to end support for the migration of all the Directory objects, from the source (Multiple Domains) to the target Single Domain.
• Monitoring the Licenses for Azure Ad issues, resolving the Licenses Issue for Azure AD Users. Assigning the licenses Group based.
• Resolve Azure AD issues relating to Office 365 (MMSSPP), Active Directory to AzureAD identity and user permissions.
• Configured and resolved Azure AD Connect sync issues, Various types of Data issues and Attribute issues.
• Having Experience of Creating and Managing the users and groups in Azure AD.
• Experience troubleshooting skills in a Windows 2012 environment - Event log analysis, installation and administration of Windows Server 2012 , including user setup and defining roles, performance tuning, backup and restore, security monitoring, registry for the Application Specific Servers.

• Experience with Database (Oracle, MSSQL, MySQL etc)
• Experience with Directories (LDAP, Active Directory)
• Experience with Design document, Test case development.
• Experience with Application Servers (WebLogic / WebSphere / Tomcat / Apache).
• Working knowledge of IAM integration using REST, JAVA etc.
• Work experience on ForgeRock, Okta or Any access Management
• Working Experience in Okta with exposure Identity and Access Management deployment and management preferably in Okta.
• Provide Okta API based development solutions.
• Governance related OKT in-terms compliances & Policies.

• CyberArk version 10 or above. (CyberArk components like Vault, CPM, PSM, PSMP, PVWA, AAM, PTA)
• 3- 5 years of work experience supporting CyberArk PIM Suite/ Infrastructure
• Performing compliance checks on CyberArk for IT security safes and to Provide alerts and reports appropriately - Investigate, Provide RCA and resolve Incidents.
• CyberArk Certified Sentry
• Integrating various platforms with CyberArk, such as different LDAP providers, Windows servers, UNIX servers, Database and networking Devices.
• Creating and Managing Safes, Platforms and Owners.
• Central Policy Manager (CPM) policies management or redistribution.


  • Active Directory
  • Azure Active Directory
  • Identity and Access Mgt (IAM)
  • Oracle Identity Manager
  • Exchange Server

What you can expect from us:

Insights you can act on

While technology is at the heart of our clients’ digital transformation, we understand that people are at the heart of business success.

When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees “members” because they are CGI shareholders and owners, and, as owners, we enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today—one of the world’s largest independent providers of IT and business consulting services.

At CGI, we recognize the richness that diversity brings. We strive to create a work culture where everyone belongs, and we collaborate with clients in building more inclusive communities. As an equal opportunity employer, we empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.

Ready to become part of our success story? Join CGI—where your ideas and actions make a difference.

See more open positions at CGI

Something looks off?