What makes Cognizant a u to work? The combination of rapid growth and an unique place international and innovative environment! This is creating many opportunities for people like YOU — people with an entrepreneurial spirit who want to make a difference in this world.
At Cognizant, together with your colleagues from all around the world, you will collaborate on creating solutions for the world's leading companies and help them become more flexible, more innovative, and successful. Moreover, this is your chance to be part of the success story.
Position Summary:
This Position requires a highly skilled Cybersecurity Architect – Identity & Access Management (IAM) with deep expertise in SailPoint IdentityIQ, IBM Security Access Manager (ISAM), and Identity Governance & Administration (IGA).
The candidate will design, implement, and maintain enterprise‑grade identity security solutions, ensuring secure access, regulatory compliance, and scalable governance across the organization. This role requires hands-on engineering capability, strong architectural design thinking, and experience leading IAM modernization initiatives.
Key responsibilities:
Identity Governance & Administration (IGA) – SailPoint IdentityIQ
•Architect, implement, and administer SailPoint IdentityIQ (IIQ) for identity lifecycle management, provisioning, certification, and access governance.
•Develop rules, workflows, connectors, aggregation tasks, and customizations in SailPoint.
•Lead access certification campaigns, role mining, and role engineering initiatives.
•Integrate SailPoint with enterprise systems such as Active Directory, LDAP, HRMS, cloud platforms, and business applications.
•Define and enforce role-based access controls (RBAC) and policy-based entitlements.
Access Management (AM) – IBM Security Access Manager
•Implement and administer ISAM/IBM Verify Access for secure authentication, authorization, and SSO across enterprise applications.
•Configure and troubleshoot WebSEAL, junctions, ACLs, and reverse proxy components.
•Implement MFA, risk-based authentication, OAuth2, OpenID Connect, and SAML integrations.
•Work with application teams on SSO onboarding, session management, and federation protocols.
Mandatory Skills:
Identity Governance & Administration (IGA) – SailPoint IdentityIQ
•Strong knowledge of cybersecurity domains including access control, network security, privileged access, policy enforcement, threat modeling, and risk mitigation.
•Advanced proficiency in SailPoint IdentityIQ for identity lifecycle management, access governance, provisioning, and compliance.
•Skilled in developing rules, workflows, custom forms, connectors, aggregation processes, and Beanshell-based customizations.
•Strong experience in role mining, role engineering, and defining access models (RBAC/ABAC).
•Expertise integrating SailPoint with directories, HR systems, cloud applications, and enterprise applications.
•Hands-on with certifications, policy management, risk scoring, and identity analytics.
•Capable of optimizing IIQ architecture, performance tuning, and maintaining platform stability.
Access Management (AM) – IBM Security Access Manager / IBM Verify Access
•Strong experience implementing & managing IBM Security Access Manager (ISAM) including WebSEAL, junctions, ACLs, reverse proxy, and policy configurations.
•Deep understanding of SSO, Federation, OAuth2, SAML, OIDC, and adaptive authentication.
•Ability to onboard complex applications into ISAM, troubleshoot authentication flows, and ensure seamless integration.
•Expertise in configuring high availability, load balancing, and DR setups for ISAM environments.
•Hands-on experience improving authentication security, MFA deployment, and integrating enterprise directories.
Duties and Responsibilities:
1)Identity Governance & Administration (IGA) – SailPoint IdentityIQ
•Design and implement identity Lifecycle events like joiner–mover–leaver (JML) processes, RBAC/ABAC models, segregation of duties (SoD), and access certification strategy.
•Establish data models, authoritative sources, and aggregation strategies for identities, accounts, and entitlements.
•Implement and maintain SailPoint IdentityIQ (IIQ) modules: Lifecycle Manager, Compliance Manager, Certifications, Risk Models, SoD.
•Develop rules, workflows, task definitions, connector configurations, and Beanshell / Java customizations for complex provisioning & policy logic.
•Build and tune connectors/integrations for AD, LDAP, HR systems, databases, SaaS apps, and cloud (Azure/AWS).
•Run access review campaigns, remediation workflows, attestation cycles, and exception handling.
•Perform role mining, role engineering, and periodic entitlement rationalization
•Monitor and optimize aggregation/provisioning performance, job schedules, and IIQ cluster stability; manage upgrades & patches.
•Maintain audit readiness—produce evidence, logs, and reports for SOX, SOC2, ISO 27001, PCI access controls.
2)Access Management (AM) – IBM Security Access Manager / IBM Verify Access
•Architect and configure ISAM / IBM Verify Access including WebSEAL, reverse proxy, junctions, ACLs, POPs, EAI/TAMeB integrations.
•Define HA/DR, capacity planning, certificate lifecycle, and patch governance for AM components.
•Design and implement SSO & federation using SAML 2.0, OAuth 2.0, OpenID Connect, and JWT best practices.
•Deploy and tune MFA/adaptive auth, risk-based policies, session management, and token lifecycles.
•Troubleshoot complex issues related to headers, cookies, junction types, policy evaluation, credential mapping) across layers (proxy, app, IdP/SP).
•Integrate with SIEM for log forwarding, anomaly detection, and real-time alerting.
Qualifications & Certifications (Optional):
•Identity & Access Management Certifications in tools like IBM Security Access manager, Directory servers, SailPoint, Okta, Microsoft Azure etc.
Salary Range: >$100,000
Date of Posting:19-Feb-26
Next Steps: If you feel this opportunity suits you, or Cognizant is the type of organization you would like to join, we want to have a conversation with you! Please apply directly with us.
For a complete list of open opportunities with Cognizant, visit http://www.cognizant.com/careers. Cognizant is committed to providing Equal Employment Opportunities. Successful candidates will be required to undergo a background check.
The Cognizant community:
We are a high caliber team who appreciate and support one another. Our people uphold an energetic, collaborative and inclusive workplace where everyone can thrive.
- Cognizant is a global community with more than 300,000 associates around the world.
- We don’t just dream of a better way – we make it happen.
- We take care of our people, clients, company, communities and climate by doing what’s right.
- We foster an innovative environment where you can build the career path that’s right for you.
About us:
Cognizant is one of the world's leading professional services companies, transforming clients' business, operating, and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build, and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant (a member of the NASDAQ-100 and one of Forbes World’s Best Employers 2025) is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com
Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.
Disclaimer:
Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.