Sandip Patil, Developer in Pune, Maharashtra, India
Sandip is available for hire
Hire Sandip

Sandip Patil

Verified Expert  in Engineering

IAM Security Developer

Pune, Maharashtra, India
Toptal Member Since
December 8, 2021

Sandip is a software developer with a decade of experience in IAM customization and integration. His expertise includes Access review and certifications, joiner, mover, and leaver (JML) processes, role-based access RBAC, automatic provisioning through the cloud, and on-premises connectors. Sandip is fluent in multi-factor authentication, risk-based access, SAML SSO, Java, and J2EE. He is practiced in full development lifecycles and Agile practices, bringing a cohesive synergy to teams.


BCG - Gamma
Okta, Security, Cloud, Azure Active Directory...
IntelliJ IDEA, Linux, Software Development, Identity & Access Management (IAM)...
Tech Mahindra
ISAM, SCIM, SOAP, IBM WebSEAL, Java, IntelliJ IDEA, PostgreSQL, Spring Boot...




Preferred Environment

Java, Identity & Access Management (IAM), Web Services, REST, Spring Boot, Apache Maven, GitLab CI/CD, Oracle, SAML-auth

The most amazing...

...tool I've implemented is an identity governance platform for a leading airline in the USA.

Work Experience

Okta/IAM engineer

2022 - 2023
BCG - Gamma
  • Managed multiple Okta instances and managed applications. Created automation for bulk application creation of both SAML and OIDC.
  • Worked on operations support for the Okta hub and spoke deployment.
  • Oversaw application lifecycle, onboarding to dicomm.
Technologies: Okta, Security, Cloud, Azure Active Directory, Identity & Access Management (IAM)

IAM Engineer

2019 - 2022
  • Designed and developed the Bulk Review Configuration Tool (RCT) for the SailPoint IdentityIQ IAM tool, which significantly reduced manual configuration, saving a lot of time and errors caused by manual work.
  • Designed and developed a custom ETL tool for a hybrid cloud environment.
  • Optimized SQL Server data load from Oracle for an ETL process using SQL Bulk Copy, reducing the process from hours to a few minutes.
  • Implemented TeamCity CI/CD for RCT and promoted the app from a lower environment to production. Implemented GitLab CI/CD for an ETL app and promoted the app from a lower environment to production.
  • Automated the reports generation process by using PowerShell and Windows Task Scheduler.
Technologies: IntelliJ IDEA, Linux, Software Development, Identity & Access Management (IAM), Java, REST, SailPoint, Oracle, SQL Server 2016, SailPoint IdentityIQ, TeamCity, Azure, Azure Active Directory, Cloud, Windows, Security

Associate Security Consultant

2017 - 2019
Tech Mahindra
  • Implemented IBM Security Access Manager (ISAM) Risk-Based Authentication (RBA) Configuration.
  • Configured SCIM API on the ISAM side and built a SCIM client using Java.
  • Implemented a SOAP web services wrapper for ISAM RBA services.
Technologies: ISAM, SCIM, SOAP, IBM WebSEAL, Java, IntelliJ IDEA, PostgreSQL, Spring Boot, JPA, Security, Risk Management

Senior Software Engineer

2014 - 2017
GS Lab
  • Developed and deployed various automated provisioning projects, including SSH, RACF, and Oracle connectors.
  • Developed and deployed generic REST and SOAP connectors.
  • On-boarded cloud and on-premises applications on Aveksa IAM. Performed workflow​ ​customization for approval and fulfillment as per business requirements.
  • Implemented Joiner, Mover, and Leaver (JML) scenarios in Aveksa IAM.
  • Implemented multi-factor authentication (MFA) for the Atlassian Jira and Confluence app for the iCrypto MFA provider.
  • Delivered a SAML 2.0-based SSO using Microsoft ADFS for an organization.
Technologies: Identity & Access Management (IAM), Single Sign-on (SSO), SAML, Java, Aveksa, REST, SOAP, Oracle, Sun Identity Manager (IDM), Okta, Messaging

Software Developer

2011 - 2014
ITConcepts GMBH
  • Introduced SMS alerts on different workflow task events using SMSLib with SMPP.
  • Designed, developed, and deployed the graphical representation of workflow​ ​processes​ ​using​ ​SVG.
  • Introduced​ ​JavaScript​ ​and​ ​Ajax​ ​with​ ​a new​ ​JSF​ ​component. Integrated​ ​the​ ​H2​​ ​lightweight memory​ ​database​ ​in​to the ​product.
  • Developed an entirely new workflow archiving system by adding searching​ ​and​ ​bulk​ ​archiving​ ​of​ ​selective​ ​workflow​ ​processes.
Technologies: Java, Oracle, IntelliJ IDEA, Ant Design, LDAP, Servlet, MySQL

Bulk Access Review Configuration Tool (RCT) for SailPoint IdentityIQ

Designed and developed a Java Spring Boot back-end-based application where Access review administrators can upload Access review certification definitions in MS Excel files, up to 500 definitions per row. I developed a REST web services API at a SailPoint host, consuming Access review definitions from the RCT app, validating specifications, and creating Access reviews on the SailPoint platform while providing an API for status checks.

IDAX Entitlement Analytics

The Idax Risk Engine analyses access rights, highlighting which employees have access to systems they should not. UBS is one of the largest banks in the world and has a lot of entitlement management systems. The challenge was to collect heterogeneous data from these systems, feed it to the Idax analytics engine, and then generate reports for stakeholders to review for overall entitlement distribution and associated risks.

Detailed tasks included the design and development of a custom ETL tool to work in an Azure hybrid cloud environment. Create a user-centric review generation based on the risk score, and integrate this with other entitlement systems using Microservices.

MasterCard Adaptive Authentication Web Services

Adaptive authentication provides risk analysis and step-up authentication functionality to clients. By collecting information about a user's device, their activity habits (i.e., typical login time, login location, etc.), and their past login success rate, adaptive authentication can calculate a risk score for a given login transaction. The MCAAWS application provides a web service interface for adaptive authentication. MCAAWS consists of a set of SOAP-based web services, which provide an interface for calling the functions of adaptive authentication. While MCAAWS does provide some business logic to mold the adaptive authentication product's workflows to fit with MasterCard business practices, the primary function of MCAAWS is to serve as a translator between clients and adaptive authentication.

My duties included: ISAM RBA and SCIM API configuration and the creation of SOAP web services.

RSA IGL and RSA Aveksa Identity Management and Governance

The RSA® Governance and lifecycle platform help organizations meet their security, regulatory, and business access needs through a collaborative set of business processes by automating manual tasks, providing evidence of compliance, reducing access-related business risk, and efficiently delivering business access.

I provided E2E delivery for the application onboarding that included request gathering, designing, documentation, development, support, recertification, and periodic reviews. Additionally, I ensured the AWS IAM, Google cloud IAM project delivery, and developed and deployed a variety of automated provisioning projects, including RACF, SSH, and Oracle connectors

iCrypto Multi-factor Authentication
iCrypto offers authentication and verification services to protect your most valuable assets while bringing accountability back to your enterprise. Using state-of-the-art biometric technology coupled with our back-end threat engine, we offer the most flexible and secure combination of solutions that enable a tailor-fit solution for your enterprise needs. My role was to implement multi-factor authentication (MFA) for Atlassian Jira and Confluence.


Java, SAML, SQL, JavaScript


Apache Maven, GitLab CI/CD, TeamCity, IntelliJ IDEA, SailPoint, IBM WebSEAL, Servlet, Postman, AppDynamics, YourKit, Atlassian SDK, Jira


Windows, Linux, Azure, Oracle, Jakarta EE, Android


Identity & Access Management (IAM), Software Development, Software Engineering, SOAP, Single Sign-on (SSO), Security, Risk Management, Messaging, Cloud, Okta, Software Design, ISAM, SCIM, Aveksa, Sun Identity Manager (IDM), LDAP, Web Services, SailPoint IdentityIQ, SAML-auth


Spring Boot, JPA, Windows PowerShell, JUnit, Ant Design, Spring


PostgreSQL, Azure Active Directory, Azure SQL, SQL Server 2016, MySQL, Oracle PL/SQL



2008 - 2011

Bachelor's Degree in Computer Science

KIT's College of Engineering - Kolhapur, Maharashtra, India

2006 - 2008

High School Diploma in Computer Engineering

Sahyadri Polytechnic - Sawarde, Maharashtra, India


Certified Azure Professional


Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.


Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring