Sandip Patil, IAM Security Developer in Pune, Maharashtra, India
Sandip Patil

IAM Security Developer in Pune, Maharashtra, India

Member since November 17, 2021
Sandip is a software developer with a decade of experience in IAM customization and integration. His expertise includes Access review and certifications, joiner, mover, and leaver (JML) processes, role-based access RBAC, automatic provisioning through the cloud, and on-premises connectors. Sandip is fluent in multi-factor authentication, risk-based access, SAML SSO, Java, and J2EE. He is practiced in full development lifecycles and Agile practices, bringing a cohesive synergy to teams.
Sandip is now available for hire


  • UBS
    IntelliJ IDEA, Linux, Software Development...
  • Tech Mahindra
    RSA Aveksa, ISAM, SCIM, MFA, Risk based access, SOAP, IBM WebSEAL, Java...
  • GS Lab
    Identity & Access Management (IAM), Single Sign-on (SSO), SAML, Java, Aveksa...


  • Java 7 years
  • Identity & Access Management (IAM) 7 years
  • Oracle 4 years
  • Spring Boot 2 years
  • SailPoint 1 year
  • GitLab CI/CD 1 year
  • MFA 1 year
  • Azure 1 year


Pune, Maharashtra, India



Preferred Environment

Java, Identity & Access Management (IAM), Web Services, REST, Spring Boot, Maven, GitLab CI/CD, Oracle, SAML-auth, MFA

The most amazing...

...tool I've implemented is an identity governance platform for a leading airline in the USA.


  • IAM Engineer

    2019 - PRESENT
    • Designed and developed the Bulk Review Configuration Tool (RCT) for the SailPoint IdentityIQ IAM tool, which significantly reduced manual configuration, saving a lot of time and errors caused by manual work.
    • Designed and developed a custom ETL tool to work in a hybrid cloud environment.
    • Optimized SQL Server data load from Oracle for an ETL process by using SQL Bulk Copy, reducing the process from hours to a few minutes.
    • Implemented TeamCity CI/CD for RCT and promoted the app from a lower environment to PROD. Implemented GitLab CI/CD for an ETL app and promoted the app from a lower environment to PROD.
    • Automated the reports generation process by using PowerShell and Windows Task Scheduler.
    Technologies: IntelliJ IDEA, Linux, Software Development, Identity & Access Management (IAM), Java, IntelliJ, REST, SailPoint, Oracle, SQL Server 2016, SailPoint IdentityIQ, TeamCity, Azure, Azure Active Directory, Cloud, Windows, Security
  • Associate Security Consultant

    2017 - 2019
    Tech Mahindra
    • Implemented IBM Security Access Manager (ISAM) Risk-Based Authentication (RBA) Configuration.
    • Configured SCIM API on the ISAM side and built a SCIM client using Java.
    • Implemented a SOAP web services wrapper for ISAM RBA services.
    Technologies: RSA Aveksa, ISAM, SCIM, MFA, Risk based access, SOAP, IBM WebSEAL, Java, IntelliJ IDEA, PostgreSQL, Spring Boot, JPA, Security, Risk Management
  • Senior Software Engineer

    2014 - 2017
    GS Lab
    • Developed and deployed various automated provisioning projects, including SSH, RACF, and Oracle connectors.
    • Developed and deployed generic REST and SOAP connectors.
    • On-boarded cloud and on-premises applications on Aveksa IAM. Performed workflow​ ​customization for approval and fulfillment as per business requirements.
    • Implemented Joiner, Mover, and Leaver (JML) scenarios in Aveksa IAM.
    • Implemented multi-factor authentication (MFA) for the Atlassian Jira and Confluence app for the iCrypto MFA provider.
    • Delivered a SAML 2.0-based SSO using Microsoft ADFS for an organization.
    Technologies: Identity & Access Management (IAM), Single Sign-on (SSO), SAML, Java, Aveksa, REST, SOAP, Oracle, Sun IDM, RSA Aveksa, Okta, Messaging
  • Software Developer

    2011 - 2014
    ITConcepts GMBH
    • Introduced SMS alerts on different workflow task events using SMSLib with SMPP.
    • Designed, developed, and deployed the graphical representation of workflow​ ​processes​ ​using​ ​SVG.
    • Introduced​ ​JavaScript​ ​and​ ​Ajax​ ​with​ ​a new​ ​JSF​ ​component. Integrated​ ​the​ ​H2​​ ​lightweight memory​ ​database​ ​in​to the ​product.
    • Developed an entirely new workflow archiving system by adding searching​ ​and​ ​bulk​ ​archiving​ ​of​ ​selective​ ​workflow​ ​processes.
    Technologies: Java, Oracle, IntelliJ IDEA, Ant, LDAP, Servlet, MySQL


  • Bulk Access Review Configuration Tool (RCT) for SailPoint IdentityIQ

    Designed and developed a Java Spring Boot back-end-based application where Access review administrators can upload Access review certification definitions in MS Excel files, up to 500 definitions per row. I developed a REST web services API at a SailPoint host, consuming Access review definitions from the RCT app, validating specifications, and creating Access reviews on the SailPoint platform while providing an API for status checks.

  • IDAX Entitlement Analytics

    The Idax Risk Engine analyses access rights, highlighting which employees have access to systems they should not. UBS is one of the largest banks in the world and has a lot of entitlement management systems. The challenge was to collect heterogeneous data from these systems, feed it to the Idax analytics engine, and then generate reports for stakeholders to review for overall entitlement distribution and associated risks.

    Detailed tasks included the design and development of a custom ETL tool to work in an Azure hybrid cloud environment. Create a user-centric review generation based on the risk score, and integrate this with other entitlement systems using Microservices.

  • MasterCard Adaptive Authentication Web Services

    Adaptive authentication provides risk analysis and step-up authentication functionality to clients. By collecting information about a user's device, their activity habits (i.e., typical login time, login location, etc.), and their past login success rate, adaptive authentication can calculate a risk score for a given login transaction. The MCAAWS application provides a web service interface for adaptive authentication. MCAAWS consists of a set of SOAP-based web services, which provide an interface for calling the functions of adaptive authentication. While MCAAWS does provide some business logic to mold the adaptive authentication product's workflows to fit with MasterCard business practices, the primary function of MCAAWS is to serve as a translator between clients and adaptive authentication.

    My duties included: ISAM RBA and SCIM API configuration and the creation of SOAP web services.

  • RSA IGL and RSA Aveksa Identity Management and Governance

    The RSA® Governance and lifecycle platform help organizations meet their security, regulatory, and business access needs through a collaborative set of business processes by automating manual tasks, providing evidence of compliance, reducing access-related business risk, and efficiently delivering business access.

    I provided E2E delivery for the application onboarding that included request gathering, designing, documentation, development, support, recertification, and periodic reviews. Additionally, I ensured the AWS IAM, Google cloud IAM project delivery, and developed and deployed a variety of automated provisioning projects, including RACF, SSH, and Oracle connectors

  • iCrypto Multi-factor Authentication

    iCrypto offers authentication and verification services to protect your most valuable assets while bringing accountability back to your enterprise. Using state-of-the-art biometric technology coupled with our back-end threat engine, we offer the most flexible and secure combination of solutions that enable a tailor-fit solution for your enterprise needs. My role was to implement multi-factor authentication (MFA) for Atlassian Jira and Confluence.


  • Languages

    Java, SAML, SQL, JavaScript
  • Tools

    Maven, GitLab CI/CD, TeamCity, IntelliJ IDEA, SailPoint, IBM WebSEAL, Servlet, Postman, AppDynamics, YourKit, Atlassian SDK, Jira
  • Platforms

    Windows, Linux, Azure, Oracle, Jakarta EE, Android
  • Other

    Identity & Access Management (IAM), Software Development, Software Engineering, RSA Aveksa, Risk based access, SOAP, Single Sign-on (SSO), Risk Management, Messaging, Cloud, Okta, Software Design, ISAM, SCIM, MFA, Aveksa, Sun IDM, Ant, LDAP, Web Services, SailPoint IdentityIQ, SAML-auth
  • Frameworks

    Spring Boot, JPA, Windows PowerShell, JUnit, Spring
  • Storage

    PostgreSQL, Azure Active Directory, Azure SQL, SQL Server 2016, MySQL, Oracle PL/SQL
  • Industry Expertise

  • Paradigms



  • Bachelor's Degree in Computer Science
    2008 - 2011
    KIT's College of Engineering - Kolhapur, Maharashtra, India
  • High School Diploma in Computer Engineering
    2006 - 2008
    Sahyadri Polytechnic - Sawarde, Maharashtra, India


  • Certified Azure Professional

To view more profiles

Join Toptal
Share it with others