compLogoIAM Discovery AnalystCompany: Incedo IncHybridAustin, TX, USA
IAM Discovery Analyst – Job Description

Role Overview
The IAM Discovery Analyst is a critical role responsible for discovery, analysis, and documentation of enterprise identity ecosystems. The role focuses on identity source discovery, lifecycle mapping, access analysis, and stakeholder-driven documentation to enable robust IAM transformation programs.
This role acts as the foundation for identity governance by establishing visibility across identities, applications, access patterns, and lifecycle processes.
Key Responsibilities

·      Lead identity source discovery across AD, LDAP, Microsoft Entra ID, and cloud IAM environments; onboard and normalize identity datasets
·      Discover and catalogue enterprise applications, authentication flows, and access pathways; map identity-to-application relationships
·      Develop end-to-end Joiner–Mover–Leaver (JML) lifecycle documentation with strong technical writing aligned to audit/compliance needs
·      Lead stakeholder workshops (HR, IT, Security, Business) to capture identity flows, access requirements, and process gaps
·      Perform HRIS–IAM integration mapping including data flows, attributes, triggers, and provisioning workflows
·      Analyze access patterns (roles, entitlements, usage) to establish baseline access models and optimization opportunities
·      Correlate and normalize identity data across systems; eliminate duplicates and identify orphan/shadow accounts
·      Support RBAC/ABAC role modeling and role mining initiatives using access and attribute insights
·      Enable automated discovery using APIs (REST, SCIM) and connectors
·      Identify identity risks (excessive access, toxic combinations, privilege creep) and recommend remediation actions
·      Develop CISO-ready dashboards (coverage %, orphan accounts, privilege exposure, onboarding gaps)
·      Work with IGA tools such as SailPoint IdentityNow, Saviynt, or similar platforms

Additional Key Expectation (Critical for Hiring):
·      Strong Business Analyst orientation with ability to translate business processes into IAM constructs
·      Proven experience in Wealth Management domain (client onboarding, advisor access, portfolio systems, regulatory controls)
·      Ability to bridge business, compliance, and technology for identity lifecycle and access governance design
Bottom of Form

Qualifications & Experience
• 6–10 years of experience in IAM, Identity Governance, or Security Engineering 
• Proven experience in large IAM discovery or transformation projects 
• Strong experience in identity lifecycle documentation and technical writing 
• Experience in HRIS integration and enterprise process mapping 
• Experience in leading stakeholder workshops 
Technical Skills
• Identity source discovery (AD, LDAP, Entra ID, Cloud IAM) 
• Application inventory mapping and access discovery 
• Data correlation, normalization, and identity reconciliation 
• RBAC/ABAC understanding and role mining 
• API (REST, SCIM) and connector knowledge 
• Identity lifecycle (JML) mapping 
• Risk and anomaly identification 
• IAM tooling exposure (SailPoint, Saviynt, etc.) 
• Reporting and dashboarding 
Certifications
Must-have:
• SailPoint IdentityNow / IdentityIQ Certifications 
• Microsoft IAM Certification (SC-300 or equivalent) 
Good-to-have:
 Okta Certifications , CyberArk Certifications , Cloud Certifications (AWS / Azure / OCI) 
Strategic: CISSP , CIAM ,• CIGE 
Soft Skills
• Strong analytical and problem-solving skills 
• Excellent communication and documentation capability 
• Ability to engage C-level stakeholders 
• Structured thinking and workshop facilitation capability 
Work Location
Austin US