Job Description

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

Intermediate Quest One Identity Manager Developer

Role Overview:

An Intermediate Quest One Identity Manager Developer is responsible for complex development and integration tasks within the One Identity Manager platform. This role focuses on custom connector development, advanced workflow configurations, and optimizing synchronization processes for large-scale identity management.

Key Responsibilities:

Design and implement custom workflows using

Designer

and

Object Browser

for complex provisioning tasks, including multi-level approval processes and conditional attribute assignment. Develop and maintain

custom connectors

for integrating with external systems (e.g.,

REST APIs

,

SOAP Web Services

,

SAP

,

HR Systems

,

Azure AD

,

Oracle

), using

Synchronization Editor

and

APIs

. Write advanced

SQL stored procedures

,

triggers

, and custom queries for data reconciliation and manipulation within One Identity's database. Configure and optimize

Job Service and DBQueue

to handle high-volume job processing and resolve performance bottlenecks. Develop complex

VBScript

and

PowerShell

scripts to implement business logic (e.g., dynamic role assignments, custom event handling, and email notifications). Implement and configure

role mining

and

role lifecycle management

processes, ensuring role compliance and SoD (Segregation of Duties) policy enforcement. Extend the functionality of the

Web Portal

by customizing the

UI forms

, adding new fields, and configuring specific approval workflows for access requests. Perform advanced troubleshooting using

Job Queue Info

, analyzing detailed logs, and debugging synchronization and provisioning failures. Implement and maintain the

attestation process

, ensuring compliance through periodic certification of user roles and entitlements. Lead efforts to implement

custom reporting

using

SQL Server Reporting Services (SSRS)

or

One Identity Reporting Module

to deliver access governance insights. Integrate

One Identity Manager

with cloud services (e.g.,

Azure AD

,

AWS IAM

) and on-prem applications using custom-developed connectors.

Technical Requirements:

In-depth knowledge of

Quest One Identity Manager architecture

, including

Application Server

,

Job Server

, and

Data Governance Edition

. Advanced SQL skills for writing

stored procedures

,

views

, and

triggers

. Proficiency in

VBScript

,

PowerShell

, and knowledge of

One Identity Manager API

. Strong experience with

Synchronization Editor

for developing custom connectors. Deep understanding of

Active Directory

,

LDAP

,

HR systems

,

Azure

, and other integrated systems. Familiarity with

SoD policies

,

role mining

, and advanced RBAC configuration.

Senior Quest One Identity Manager Developer/Manager

Role Overview:

A Senior Quest One Identity Manager Developer or Manager is responsible for the overall architecture, design, and delivery of large-scale IAM solutions using One Identity Manager. They lead the design of custom connectors, workflows, role management, and compliance processes, ensuring scalability, performance, and security.

Key Responsibilities:

Architect and design scalable IAM solutions using

Quest One Identity Manager

to handle complex identity lifecycle management processes, including HR-driven provisioning, custom entitlements, and federated identity models. Lead the design and development of

custom connectors

for integration with on-prem and cloud-based applications, using

RESTful APIs

,

SOAP Web Services

, and

JSON/XML data handling

. Implement complex

provisioning workflows

with multi-step approval processes, dynamic decision-making logic, and condition-based role assignments using

One Identity Manager's Workflow Engine

and

Object Layer (DalScript)

. Optimize

Job Service

and

DBQueue

configurations to ensure high availability and load balancing in large-scale deployments. Develop custom

One Identity Manager Modules

, extending the base platform by adding functionality using

C#

or

One Identity Manager Framework

(Dialog scripts and custom assemblies). Implement advanced

Segregation of Duties (SoD)

enforcement mechanisms, including cross-system policy validation, and ensure attestation processes are automated and integrated into the identity governance framework. Lead the configuration and customization of

One Identity Manager Web Portal

, including designing custom forms, access request pages, and integrating third-party authentication mechanisms (e.g.,

SAML

,

OAuth

). Develop and implement automated compliance reporting and auditing processes, ensuring all identity governance data is readily available for audits and access certifications. Manage system upgrades, migration of connectors, and perform

disaster recovery

planning for One Identity Manager infrastructure. Lead the development team, mentor junior developers, and drive best practices in

scripting

,

connector development

,

workflow design

, and

system performance tuning

. Collaborate with security architects, auditors, and business stakeholders to ensure One Identity Manager meets all security, compliance, and business process requirements.

Technical Requirements:

Deep understanding of

Quest One Identity Manager architecture

, including

One Identity Manager API

,

Job Server

,

Synchronization Engine

, and

Data Governance Edition

. Expertise in

SQL Server

, with experience in writing complex

SQL stored procedures

,

functions

, and

views

. Advanced scripting skills in

VBScript

,

PowerShell

, and

C#

, with knowledge of building custom connectors and developing modules. Experience in integrating One Identity Manager with cloud platforms (e.g.,

Azure

,

AWS

), and enterprise applications (e.g.,

SAP

,

Oracle

,

Workday

). Knowledge of

Role-Based Access Control (RBAC)

,

SoD

, and attestation processes. Strong experience with

API integration

and data synchronization.

Experience leading IAM projects and development teams.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.





Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.





Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.