At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
As an Access Management (AM) consultant, you will be responsible for leading Access Management strategy, advisory, and implementation engagements, assisting clients in designing and deploying robust, secure, and scalable access management solutions across cloud and on-premises environments. The ideal candidate will have strong experience in implementing industry-leading AM tools such as Okta, ForgeRock, and Microsoft Entra ID, and will be well-versed in authentication protocols, risk-based access controls, and access policy enforcement. The candidate should be capable of driving access transformation initiatives, aligning with security frameworks, compliance requirements, and zero trust architecture principles.

SKILLS AND ATTRIBUTES FOR SUCCESS:

• 3+ years of hands-on experience with Access Management tools (e.g., Okta, ForgeRock, Microsoft Entra ID, Ping Identity).
• Proven experience with end-to-end AM solution implementation: Design, Build, Configure, and Test.
• Proficiency in configuring MFA, SSO, Federation, RBAC/ABAC models, access policies, and conditional access.
• Experience with integrating enterprise identity sources (e.g., Active Directory, Azure AD, Workday) and target applications (SaaS, custom, and legacy apps).
• Solid understanding of modern authentication standards – SAML, OAuth2.0, OpenID Connect, WS-Federation.
• Experience in access certification, governance enforcement, and audit controls within AM platforms.
• Familiarity with Zero Trust principles and their application in access enforcement and identity perimeter design.
• Knowledge of scripting or development languages (Java, JavaScript, PowerShell, REST APIs) for custom integrations.
• Experience working in cloud environments (Azure, AWS, GCP).
• Strong documentation and communication skills using MS Office tools.
• Certifications such as Okta Certified Professional, ForgeRock Certified Access Management Specialist, Azure Identity and Access Administrator (SC-300), CISSP, CISM, or TOGAF are a plus.

• Lead design and implementation of Access Management solutions using Okta, ForgeRock, Entra ID, and other industry-standard platforms.
• Develop and architect scalable Single Sign-On (SSO), Multi-Factor Authentication (MFA), Adaptive Access, Federation, and API security solutions.
• Provide subject matter expertise in Access Management across hybrid, cloud and on-premises environments.
• Align access policies and identity federation strategies with enterprise architecture and business objectives.
• Define and implement security standards, governance models, and access policies that support regulatory compliance and mitigate access risks.
• Integrate AM solutions with third-party and custom applications, leveraging protocols such as SAML, OAuth, OIDC, and SCIM.
• Collaborate with business stakeholders to define access requirements and ensure secure access to enterprise applications and services.
• Manage delivery of AM roadmaps, technical implementations, and solution optimization projects.
• Evaluate and improve existing AM platforms through access reviews, authentication enhancements, and automation.
• Drive implementation of passwordless authentication and context-aware access controls.
• Participate in technical workshops and governance forums, advising on best practices and architecture improvements.
• Conduct assessments, audits, and remediations aligned with compliance standards like NIST, ISO, and CIS benchmarks.
• Develop collateral for sales pursuits and assist with business development activities.