One Identity Manager
Posted 4 hours 36 minutes ago by Tata Consultancy Services
Job Type: Permanent
Location: Letterkenny, Co. Donegal; Onsite
The One Identity Manager (1IM) Specialist is responsible for the governance, automation, and security of digital identities and access across the organisation. You will work to ensure that user, service, and privileged identities are managed through controlled, auditable lifecycle processes, integrating Active Directory (on prem and hybrid), Entra ID (Azure AD), and connected applications into a central Identity Governance & Administration (IGA) platform. The role focuses on policy driven access management, role and entitlement modelling, compliance, and automation, rather than day to day operation of directory infrastructure. You will work closely with AD administrators, security teams, HR, and application owners to ensure identities are secure, compliant, and aligned to business needs.
Key Responsibilities- Design and manage identity lifecycle (Joiner/Mover/Leaver) processes using One Identity Manager
- Automate provisioning and deprovisioning across Active Directory, Entra ID, and business applications
- Integrate authoritative data sources (e.g. HR systems) and manage identity attributes and reconciliation
- Define and maintain role models, RBAC, entitlements, and access governance structures
- Govern privileged, shared, service, and non human identities across environments
- Integrate and govern hybrid identity environments spanning on prem AD and Entra ID
- Enforce least privilege, segregation of duties, and policy compliance controls
- Support audits, access certifications, and identity risk reporting
- Automate workflows, approvals, and access requests using One Identity Manager and PowerShell
- Act as an escalation point for identity incidents and collaborate with security, SOC, and business stakeholders
- Work with public key infrastructure (PKI) and certificate based authentication
- Manage Flexible Single Master Operation (FSMO) roles to control specific AD operations
- Minimum 5+ years' experience in cybersecurity, IAM, or enterprise identity platforms, with at least 3+ years focused on Identity Governance and Administration (IGA) solutions such as One Identity Manager.
- Proven experience operating in complex enterprise identity environments, including on premises Active Directory and hybrid/cloud identity platforms (Entra ID / Azure AD).
- Strong expertise in designing and implementing identity lifecycle management (Joiner, Mover, Leaver) using One Identity Manager.
- Ability to leverage policy driven identity processes to reduce risk and manual administration.
- Deep understanding of role based access control (RBAC), entitlement based access models, and segregation of duties (SoD).
- Experience defining and maintaining Business roles and IT roles, Access packages and entitlement structures, Governing AD groups, Entra ID roles, and application entitlements.
- Ability to analyse access patterns and identify excessive, orphaned, or conflicting access.
- Strong working knowledge of Active Directory user, group, and permission models, Delegation models and group nesting strategies, Hybrid identity concepts (AD + Entra ID).
- Experience integrating One Identity Manager with On prem AD forests/domains, Entra ID / Azure AD.
- Experience supporting access reviews, certifications, and attestations through One Identity Manager.
- Familiarity with security and compliance frameworks where identity is a core control (e.g. ISO 27001, NIST, SOC 2).
- Ability to assess identity related risks and translate them into governance controls.
- Strong capability in identity focused analysis, including investigating access anomalies & identifying misconfigured or high risk identities.
- Strong analytical and problem solving skills, particularly in analysing complex access and role structures.
- Ability to clearly document identity processes, role models, and governance controls.
- One Identity Manager (1IM) Administrator or Engineer certification.
- Microsoft Certified: Identity and Access Administrator Associate.
- Microsoft Certified: Security Identity and Access Administrator.
- Experience with Identity Governance and Administration (IGA) solutions in enterprise environments.
- Experience implementing Joiner / Mover / Leaver (JML) processes.
- Knowledge of Role Based Access Control (RBAC) and entitlement based access models.
- Experience with access certification, recertification, and attestation processes.
- Exposure to hybrid identity environments (on prem AD + cloud identity).
- General security certifications such as CISSP, CompTIA Security+, or CompTIA CySA+.
TCS offers competitive salary packages featuring pension, health care, life assurance, laptop and access to extensive training resources and discounts within the larger Tata network. We offer health & wellness initiatives and sports events.
Diversity, Inclusion and WellbeingTata Consultancy Services UK&I is committed to meeting the accessibility needs of all individuals in accordance with the Ireland Employment Equality Acts (as amended) and the Equal Status Acts (as amended). We welcome and embrace diversity in race, nationality, ethnicity, disability, neurodiversity, gender identity, age, physical ability, gender reassignment, sexual orientation. We are a disability inclusive employer and encourage disabled people to apply for this role. As a Disability Confident Employer, we offer an interview to applicants with disabilities or long term conditions who meet the minimum criteria for the role. Please email us at if you would like to opt in.
Beware of Fraudulent OffersThis is to notify you that TCS does not ask for any sort of payment or security deposit from candidates at any stage of the recruitment process. The firm never sends out job offers from free internet email services like Gmail or Yahoo Mail. TCS has not authorised any third party company to collect money on their behalf. As a vigilant job seeker, beware of fraudulent recruitment activity and protect your interests! You can write to to report any fraudulent activity.