Identity and Access Management - In summary developing my skills
Things I need to work on.
- Automation
- Governance, getting familar it the ISO such as ISO20071 etc...
- Okta (I have read up on their CIAM)
- GCP - Google Cloud Platform
- GDPR & DPA(2018) check to see if there has been any updates
- Powershell - More practice is required (I have used bash in Linux before)
- Audits (Internal & External) - However it can be understood its better to learn on the job about this - SOC 2
- CyberArk & Sailpint (Learn more about the tool)
- Read up on NIST (National Institution of Standards & Technology)
- Microsoft Purview (Try it out or view it)
Things I already understand
- JML process
- SSO & MFA. Federation etc...
- Azure & AWS
- Documentation
- Jira
- Knowledge of Active Directory – IAM, RBAC (Role Based Access Control) & PAM (Privilege Access Managment) Controls
- Powershell - understand the fundamental concepts and what each piece of code does
- Used RedHat automation and worked through the exercises
- Pluralsight - Watched the videos on how IAM works in GCP, AWS & Azure
- SOC 2 - System & Organisation Controls
Things I have done
- Reviewed notes over Access Control
- Read and increased knowledge on Compliance (Microsoft)
- Completed the SC-300 exam and passed
- Reading up on the SC-400 (Microsoft) to gain more knowledge on Information protection
- As I am already familiar with Azure AD this has been renamed to Entra ID over a month ago. I am familiar with this and up to date
- ABAC (Attribute Based Access Control) - made notes
- Made notes of SOC 2 (System and Organisation Controls) criteria
- SOC 1 is based on the financial side
- Gone on Microsoft Learn to read about Microsoft Purview