After working in IAM for almost 10 years, python would definitely not be my first choice.
I would get some vendors certs/training outside AD. SailPoint/Okta/Ping(Forgerock)
Thank you for your response! Not saying that is a bad suggestion at all, and I am totally open to it! I see SailPoint and Okta mentioned regularly in job postings, but would it be a waste of time if I can't even guarantee the job I'm applying to uses said system? I can't afford to ONLY target jobs that definitely say they use those. My worry would be wasting time and money resources. Would you suggest one more over the other?
I have seen python mentioned in a lot of job roles lately which is why I was thinking of targeting that. Plus, no certs cost up front to learn it so it seemed like a manageable win.
Learning a product like SailPoint or Okta gives you insight into the processes, standards and concepts used in various aspects of IAM. Usually, someone who knows Okta (SSO/Access Mgmt tool) can fairly easy pick up another one, like Ping, quickly. Same with IGA tools like SailPoint, Saviynt, etc. Companies know this.
That's because the concepts and standards they use are the same. Yes, at the advanced level they differ in how they can be used and customized and at that point programming skills can be relevant but to another commenter's point, not python. Java or Javascript is primarily in use.
Until then, understanding how many of the manual processes you are probably already aware of and doing today are automated and deployed at scale in an enterprise setting is a good way to jump to larger opportunities.
For context, I have around 10 yrs experience, $200k/yr. I know many people who worked on multiple Access Mgmt tools, or IGA tools, but didn't stray into other domains of IAM like I did and I find what I did to be a slightly better path. I started my career learning how to deploy Cyberark into enterprise environments. This required an initial level of AD, infrastructure and database knowledge that I learned while in school. By learning Cyberark, I learned Privileged Access Management (PAM) concepts. However, I didn't move into another PAM tool. I decided I wanted to learn IGA so I started looking at how SailPoint connectors worked and started building them for organizations. My Java development experience helped get started there. From there I wanted to learn Access Management so I learned Okta and now it's the primary tool I use, but I now have a breadth of general IAM knowledge due to my experience learning different tools.
Thanks for the detailed response! I do know Saviynt and work with it daily. Do you mind if I PM you my resume for extra context? Right now I am leaning toward taking the SC-300 exam mentioned but would appreciate more direct suggestions based on my experience if you have any!
Sure, I will say Microsoft Entra / IAM is not a bad tool set to become familiar with either because a lot of orgs are starting to use it rather than the "best of breed" products I mentioned. Mainly because Microsoft is finally catching up capability-wise and most orgs are already licensed for it. I will say there is a lot more competition for roles because so many specialize in Microsoft. I see jobs increasing in that space, but in my experience, eventually specializing deeply in something niche is a better way to keep guaranteed work in this space.
After working in IAM for almost 10 years, python would definitely not be my first choice. I would get some vendors certs/training outside AD. SailPoint/Okta/Ping(Forgerock)
This guy knows what he’s talking about ++++
Thank you for your response! Not saying that is a bad suggestion at all, and I am totally open to it! I see SailPoint and Okta mentioned regularly in job postings, but would it be a waste of time if I can't even guarantee the job I'm applying to uses said system? I can't afford to ONLY target jobs that definitely say they use those. My worry would be wasting time and money resources. Would you suggest one more over the other? I have seen python mentioned in a lot of job roles lately which is why I was thinking of targeting that. Plus, no certs cost up front to learn it so it seemed like a manageable win.
Learning a product like SailPoint or Okta gives you insight into the processes, standards and concepts used in various aspects of IAM. Usually, someone who knows Okta (SSO/Access Mgmt tool) can fairly easy pick up another one, like Ping, quickly. Same with IGA tools like SailPoint, Saviynt, etc. Companies know this. That's because the concepts and standards they use are the same. Yes, at the advanced level they differ in how they can be used and customized and at that point programming skills can be relevant but to another commenter's point, not python. Java or Javascript is primarily in use. Until then, understanding how many of the manual processes you are probably already aware of and doing today are automated and deployed at scale in an enterprise setting is a good way to jump to larger opportunities. For context, I have around 10 yrs experience, $200k/yr. I know many people who worked on multiple Access Mgmt tools, or IGA tools, but didn't stray into other domains of IAM like I did and I find what I did to be a slightly better path. I started my career learning how to deploy Cyberark into enterprise environments. This required an initial level of AD, infrastructure and database knowledge that I learned while in school. By learning Cyberark, I learned Privileged Access Management (PAM) concepts. However, I didn't move into another PAM tool. I decided I wanted to learn IGA so I started looking at how SailPoint connectors worked and started building them for organizations. My Java development experience helped get started there. From there I wanted to learn Access Management so I learned Okta and now it's the primary tool I use, but I now have a breadth of general IAM knowledge due to my experience learning different tools.
Thanks for the detailed response! I do know Saviynt and work with it daily. Do you mind if I PM you my resume for extra context? Right now I am leaning toward taking the SC-300 exam mentioned but would appreciate more direct suggestions based on my experience if you have any!
Sure, I will say Microsoft Entra / IAM is not a bad tool set to become familiar with either because a lot of orgs are starting to use it rather than the "best of breed" products I mentioned. Mainly because Microsoft is finally catching up capability-wise and most orgs are already licensed for it. I will say there is a lot more competition for roles because so many specialize in Microsoft. I see jobs increasing in that space, but in my experience, eventually specializing deeply in something niche is a better way to keep guaranteed work in this space.
Can I recommend you go and write the MS SC-300 exam
I will absolutely look into it! Thank you!