# IAM Discovery Analyst > Qode · Texas, United States (Hybrid) · Full-time · Posted 2026-05-04 **Workplace:** hybrid ## Description **IAM Discovery Analyst – Job Description** **Role Overview** The IAM Discovery Analyst is a critical role responsible for discovery, analysis, and documentation of enterprise identity ecosystems. The role focuses on identity source discovery, lifecycle mapping, access analysis, and stakeholder-driven documentation to enable robust IAM transformation programs. This role acts as the foundation for identity governance by establishing visibility across identities, applications, access patterns, and lifecycle processes. **Key Responsibilities** ·      Lead identity source discovery across AD, LDAP, Microsoft Entra ID, and cloud IAM environments; onboard and normalize identity datasets ·      Discover and catalogue enterprise applications, authentication flows, and access pathways; map identity-to-application relationships ·      Develop end-to-end **Joiner–Mover–Leaver (JML)** lifecycle documentation with strong technical writing aligned to audit/compliance needs ·      Lead stakeholder workshops (HR, IT, Security, Business) to capture identity flows, access requirements, and process gaps ·      Perform **HRIS–IAM integration mapping** including data flows, attributes, triggers, and provisioning workflows ·      Analyze access patterns (roles, entitlements, usage) to establish baseline access models and optimization opportunities ·      Correlate and normalize identity data across systems; eliminate duplicates and identify orphan/shadow accounts ·      Support **RBAC/ABAC role modeling** and role mining initiatives using access and attribute insights ·      Enable automated discovery using APIs (REST, SCIM) and connectors ·      Identify identity risks (excessive access, toxic combinations, privilege creep) and recommend remediation actions ·      Develop **CISO-ready dashboards** (coverage %, orphan accounts, privilege exposure, onboarding gaps) ·      Work with IGA tools such as SailPoint IdentityNow, Saviynt, or similar platforms **Additional Key Expectation (Critical for Hiring):** ·      Strong **Business Analyst orientation** with ability to translate business processes into IAM constructs ·      Proven experience in **Wealth Management domain** (client onboarding, advisor access, portfolio systems, regulatory controls) ·      Ability to bridge **business, compliance, and technology** for identity lifecycle and access governance design Bottom of Form **Qualifications & Experience** • 6–10 years of experience in IAM, Identity Governance, or Security Engineering  • Proven experience in large IAM discovery or transformation projects  • Strong experience in identity lifecycle documentation and technical writing  • Experience in HRIS integration and enterprise process mapping  • Experience in leading stakeholder workshops  **Technical Skills** • Identity source discovery (AD, LDAP, Entra ID, Cloud IAM)  • Application inventory mapping and access discovery  • Data correlation, normalization, and identity reconciliation  • RBAC/ABAC understanding and role mining  • API (REST, SCIM) and connector knowledge  • Identity lifecycle (JML) mapping  • Risk and anomaly identification  • IAM tooling exposure (SailPoint, Saviynt, etc.)  • Reporting and dashboarding  **Certifications** Must-have: • SailPoint IdentityNow / IdentityIQ Certifications  • Microsoft IAM Certification (SC-300 or equivalent)  Good-to-have:  Okta Certifications , CyberArk Certifications , Cloud Certifications (AWS / Azure / OCI)  Strategic: CISSP , CIAM ,• CIGE  Soft Skills • Strong analytical and problem-solving skills  • Excellent communication and documentation capability  • Ability to engage C-level stakeholders  • Structured thinking and workshop facilitation capability  **Work Location** Austin US ## Apply [Apply at Qode](https://apply.workable.com/qodeworld/j/5761A61729/apply) --- Powered by [Workable](https://www.workable.com)