Saif Rahman
bangalore
Summary
Identity and Access Management (IAM) Security Engineer with expertise in automating governance and securing complex, multi-entity environments (ANI, Ola Money, Ola Electric, Krutrim). Proven track record of managing identity lifecycles for 11,000+ users, engineering custom automation connectors, and driving audit readiness for RBI and ITGC compliance. Skilled in bridging the gap between security operations and software engineering using Kotlin, Python, and Selenium to minimize risk and enforce least-privilege access.
Overview
6
6
years of professional experience
5
5
Certifications
Work History
IAM Security Engineer - I
OLA Krutrim
Bengaluru
10.2024 - Current
- Enterprise IAM Automation: Engineered and maintained custom application connectors using JSON scripting and Selenium to automate access reviews for over 11,000 users across multiple entities (ANI, Krutrim, Ola Money, Ola Electric).
- SDLC & Tooling: Actively contributed to the SDLC of the internal Access Review Portal using Kotlin, optimizing backend logic to support custom RBAC groups, and enhance connector performance.
- Audit & Compliance: Led the technical defense for RBI, ITGC, and SOC 2 audits, achieving 100% completion of quarterly access reviews, and generating automated evidence for control effectiveness.
- SSO Onboarding: Managed the integration of business applications into the in-house SSO (CIDM) platform, standardizing authentication protocols, and improving user experience.
- Risk Reduction: Orchestrated the remediation of "orphaned" accounts and generic IDs; established a quarterly monitoring cadence to detect and revoke access that has been inactive for over one year.
- Operational Resilience: Conducted daily troubleshooting of connector failures, and automated the daily user revocation process for leavers to ensure immediate access termination.
- Security Posture Management: Established the governance framework for Application Security Posture Management (ASPM), creating a centralized inventory to track and remediate security risks across the application portfolio.
Analyst III Infrastructure Services
DXC Technology
Bengaluru
10.2019 - 02.2024
- Provided technical support for global users, leveraging incident ticketing systems (ServiceNow).
- Identified potential security incidents based on user-reported issues; demonstrated troubleshooting skills by resolving IT issues related to network connectivity, remote access (Cisco AnyConnect, Citrix Workspace), and endpoint management.
- Managed user access and privileges to mitigate security risks, ensuring adherence to security policies.
- Supported asset lifecycle management processes, reducing potential vulnerabilities associated with outdated equipment.
- Involvement in BYOD initiatives, configuring devices, enforcing security policies, and providing technical support.
Education
Bachelor of Science - Bachelor Of Computer Application(BCA)
Dayanand Sagar University
Bengaluru05-2017
Skills
- IAM and governance: identity lifecycle management, role-based access control (RBAC), user access reviews (UAR), single sign-on (SSO), and privileged access management
- Automation and development: Kotlin, Python, JSON scripting, Selenium automation, API integration, SQL
- Compliance and audits: SOC 2, RBI guidelines, ITGC (IT general controls), PCI DSS
- IAM Tools: Active Directory, Groot (Custom RAC In-house), User Access Review Portal (In-house Access Review Portal), CIDM (In-house SSO Portal)
- Privileged access workflows
- SDLC maintenance
- Excel
- Application security posture frameworks
Websites
Certification
ISC2 Certified in Cybersecurity Certification.
Timeline
IAM Security Engineer - I
OLA Krutrim
10.2024 - Current
Analyst III Infrastructure Services
DXC Technology
10.2019 - 02.2024
Bachelor of Science - Bachelor Of Computer Application(BCA)
Dayanand Sagar University