AVAILABLE FOR NEW OPPORTUNITIES

Ajaya
Ghimire

IAM ENGINEER · SAILPOINT ARCHITECT · IDENTITY SECURITY SPECIALIST

CERTIFIED ISC IIQ IGA OKTA ENTRA ID NERM NHIM
📧ajayaghimire812@gmail.com 📱214-614-8104 GitHub inLinkedIn
5+ Years of IAM Experience
3 Enterprise Deployments
0 Downtime Migrations
Professional Summary
🛡️

IGA & SailPoint Expert

End-to-end design and deployment of IGA solutions using SailPoint ISC and IIQ across large enterprises, including custom rules (BeanShell/Java), workflows, and provisioning.

🔗

Connector & Integration Mastery

Deep experience configuring SailPoint connectors — Workday, Azure AD, SAP, ServiceNow, Okta, Active Directory — and building custom REST API integrations.

🤖

Non-Human Identity (NHIM)

Hands-on implementation of NHIM including service accounts, API identities, and machine identities with secure provisioning, access control, and governance.

☁️

Cloud & Hybrid Architecture

Cloud-first identity architecture combining SailPoint with AWS, Azure, and hybrid models. Experienced in zero-downtime ISC migrations adhering to NIST and Zero Trust.

📋

Compliance & Governance

Ensuring compliance with SOX, HIPAA, and GDPR through access certification programs, policy management, and automated audit reporting across regulated industries.

Performance & Optimization

Expert at identifying SailPoint performance issues, fine-tuning rules, optimizing connectors, and resolving aggregation and provisioning bottlenecks.

Work Experience
Medtronic IAM Engineer · Remote
Aug 2025 – Present
  • End-to-end onboarding of on-premises and cloud applications into SailPoint Identity Security Cloud (ISC) via JDBC, REST, SCIM, Active Directory, and Flat File connectors.
  • Deployed Non-Human Identity Management (NHIM) in SailPoint ISC — service accounts, API identities, machine identities — with full lifecycle governance.
  • Defined and implemented the Non-Employee Lifecycle Management (NELM) process for contractor and vendor access management.
  • Applied least-privilege access control policies for non-human identities, reducing security vulnerabilities and unauthorized access risks.
  • Ensured NIST, SOX, and GDPR compliance through ISC configuration, access certifications, and audit reporting campaigns.
  • Delivered L2/L3 support for connector, aggregation, and provisioning issues; collaborated with DevOps and application teams on identity onboarding.
Danaher SailPoint IIQ Developer · Washington, DC
Apr 2023 – Jun 2025
  • Upgraded SailPoint IdentityIQ (IIQ) from version 7.2 to 8.1p2 with zero downtime, migrating custom rules, workflows, and configurations.
  • Configured JDBC, Delimited File, Active Directory, and Web Services connectors with sophisticated SQL-based provisioning and aggregation.
  • Created custom SailPoint IIQ rules, workflows, and JML for automated provisioning, access request processing, approvals, and de-provisioning.
  • Developed RBAC models (birthright roles, policies, rules) to enforce minimum privilege access rights and regulatory compliance.
  • Integrated Okta with IIQ for governance (IIQ) and authentication (Okta SSO/MFA); configured REST and SCIM integrations for multi-system synchronization.
  • Managed L3 support for provisioning, aggregation, and SSO issues; followed SDLC methodologies across all deployments.
Xcel Energy Java / SailPoint Developer · Minneapolis, MN
Jan 2020 – Mar 2023
  • Onboarded and deployed enterprise applications and identities to SailPoint IdentityIQ (IIQ) with effective password management solutions.
  • Developed dynamic UI with HTML, JSF, jQuery, and JavaScript; created and tailored BeanShell workflows including runtime build map rules and pre-iteration rules.
  • Configured Active Directory, DNS, DHCP, and Group Policy Objects (GPOs) on Windows Server for security and user management.
  • Migrated enterprise data to AWS S3 and Azure SQL Database; set up Splunk for real-time monitoring, incident resolution, and compliance auditing.
  • Authored PowerShell scripts to automate user provisioning, system configuration, and log monitoring, significantly reducing manual workload.
Technical Skills
IAM PLATFORMS
SailPoint ISC SailPoint IIQ 6.x/7.x/8.x Okta Entra ID IdentityNow
GOVERNANCE & COMPLIANCE
Access Certification RBAC / PBAC / ABAC SOX HIPAA GDPR NIST Zero Trust
CONNECTORS & INTEGRATIONS
JDBC SCIM REST API Active Directory Workday SAP ServiceNow Azure AD
LANGUAGES & SCRIPTING
Java / J2EE BeanShell PowerShell JavaScript Python XML SOAP
CLOUD & INFRASTRUCTURE
AWS S3 Azure Windows Server Linux Splunk Active Directory
DATABASES & SERVERS
Oracle MySQL MS-SQL Tomcat WebSphere WebLogic
Education
🎓
B.S. in Computer Science
YOUNGSTOWN STATE UNIVERSITY — OHIO
Minor in Mathematics Data Analytics Certification MOS Excel Certified
Get in Touch
📧
EMAIL
ajayaghimire812@gmail.com
📱
PHONE
214-614-8104
GITHUB
ajaya-ghimire
in
LINKEDIN
ghimire-ajaya24