compLogoIAM Discovery AnalystCompany: IncedoHybridAustin, TX, USA
Position: IAM Discovery Analyst
Location: Austin, TX
Type: Full-Time

About Incedo
Incedo is a US-based consulting, data science, and technology services firm with over 4,000 professionals across the US and India. We help organizations achieve competitive advantage through end-to-end digital transformation.
Role Overview
The IAM Discovery Analyst is a critical role responsible for discovery, analysis, and documentation of enterprise identity ecosystems. The role focuses on identity source discovery, lifecycle mapping, access analysis, and stakeholder-driven documentation to enable robust IAM transformation programs.
This role acts as the foundation for identity governance by establishing visibility across identities, applications, access patterns, and lifecycle processes.
Key Responsibilities
  • Lead identity source discovery across AD, LDAP, Microsoft Entra ID, and cloud IAM environments; onboard and normalize identity datasets
  • Discover and catalogue enterprise applications, authentication flows, and access pathways; map identity-to-application relationships
  • Develop end-to-end Joiner–Mover–Leaver (JML) lifecycle documentation with strong technical writing aligned to audit/compliance needs
  • Lead stakeholder workshops (HR, IT, Security, Business) to capture identity flows, access requirements, and process gaps
  • Perform HRIS–IAM integration mapping including data flows, attributes, triggers, and provisioning workflows
  • Analyze access patterns (roles, entitlements, usage) to establish baseline access models and optimization opportunities
  • Correlate and normalize identity data across systems; eliminate duplicates and identify orphan/shadow accounts
  • Support RBAC/ABAC role modeling and role mining initiatives using access and attribute insights
  • Enable automated discovery using APIs (REST, SCIM) and connectors
  • Identify identity risks (excessive access, toxic combinations, privilege creep) and recommend remediation actions
  • Develop CISO-ready dashboards (coverage %, orphan accounts, privilege exposure, onboarding gaps)
  • Work with IGA tools such as SailPoint IdentityNow, Saviynt, or similar platforms

Additional Key Expectations (Critical):
  • Strong Business Analyst orientation with ability to translate business processes into IAM constructs
  • Proven experience in Wealth Management domain (client onboarding, advisor access, portfolio systems, regulatory controls)
  • Ability to bridge business, compliance, and technology for identity lifecycle and access governance design

Qualifications & Experience
  • 6–10 years of experience in IAM, Identity Governance, or Security Engineering 
  • Proven experience in large IAM discovery or transformation projects 
  • Strong experience in identity lifecycle documentation and technical writing 
  • Experience in HRIS integration and enterprise process mapping 
  • Experience in leading stakeholder workshops 

Technical Skills
  • Identity source discovery (AD, LDAP, Entra ID, Cloud IAM) 
  • Application inventory mapping and access discovery 
  • Data correlation, normalization, and identity reconciliation 
  • RBAC/ABAC understanding and role mining 
  • API (REST, SCIM) and connector knowledge 
  • Identity lifecycle (JML) mapping 
  • Risk and anomaly identification 
  • IAM tooling exposure (SailPoint, Saviynt, etc.) 
  • Reporting and dashboarding 
Certifications
Must-have:
  • SailPoint IdentityNow / IdentityIQ Certifications 
  • Microsoft IAM Certification (SC-300 or equivalent) 

Nice-to-have:
  • Okta Certifications , CyberArk Certifications , Cloud Certifications (AWS / Azure / OCI) 
  • Strategic: CISSP , CIAM ,• CIGE 

Soft Skills
  • Strong analytical and problem-solving skills 
  • Excellent communication and documentation capability 
  • Ability to engage C-level stakeholders