Joseph Atiq

Collaborate with CIOs and IT departments of public hospitals and healthcare foundations, to review security policies and implement IAM solutions tailored to the healthcare sector’s requirements

Led design and implementation of IAM workflows including identity lifecycle, authentication, and authorization, integrating automation and compliance features.

Designed and maintained the authorization matrix, defining role-based and

attribute-based access control (RBAC/ABAC) to enforce least privilege principles.

Conducted access reviews and compliance audits to reinforce IAM governance and mitigate security risks..

Directed IAM solution and identity database migrations (EIM & BDD), ensuring zero data loss and operational continuity.

Drafted IAM policies and workflows, coordinated approval processes, and ensured alignment with enterprise IAM standards.

Certificate management and integration of PKI infrastructures into authentication processes

Acted as senior advisor to support L3/L4 teams on IAM issues and architectural decisions.

Designed, implemented, and maintained IAM solutions (SailPoint, SAP IDM) to secure and streamline access across a multinational environment.

Advised and supported business and IT teams in line with DevSecOps practices, ensuring smooth integration of IAM solutions into critical applications.

Conducted User Acceptance Testing (UAT) and monitored systems through to production deployment.

Managed identities, access rights, roles, SSO, and automation scripts, improving operational efficiency and compliance.

Provided advanced L3/L4 support for IAM platforms, acting as a key escalation point for critical incidents.

Collaborated with cross-functional teams (networks, R&D, support, business) to optimize IAM processes and strengthen overall cybersecurity posture.

Led a DevSecOps team, driving the design and development of secure microservices using Java/J2EE (Spring), Angular, and Ionic.

Integrated IAM solutions with Keycloak, implementing SSO, OAuth2, and OpenID Connect to enforce authentication and authorization across services.

Applied secure design patterns and access control mechanisms to strengthen the microservices architecture.

Established DevSecOps practices by embedding static code analysis, vulnerability scanning, and automated security checks into CI/CD pipelines.

Facilitated sprint planning and effort estimation, ensuring effective resource allocation and delivery timelines.

Mentored junior developers, promoting secure coding practices and knowledge sharing within the team.