About NCR VOYIX
Job Title: NIAM Analyst – Level III
Reports to: IT Support Manager.
Resource Type: Employee/Contractor Last Revision Date: 22nd Jan 2026
Function: NCR Voyix Identity & Access Management (NIAM)
Primary Platform: Oracle Identity Management (OIM) & Other IAM tools.
About the Team
NIAM is NCR Voyix’s enterprise Identity & Access Management function, responsible for secure, compliant, and frictionless workforce and non-workforce identity lifecycle management across our global environments. We operate and evolve OIM 12c at scale, integrating with directories, HR sources, enterprise apps, cloud services, and enforcement points to safeguard access and improve user productivity.
Role Summary NIAM Support Engg – Level III
You will manage day-to-day operations of OIM 12c, support identity lifecycle events
(joiner/mover/leaver), onboard applications, troubleshoot provisioning/reconciliation, and handle requests/incidents/changes. You’ll implement configurations, build simple customizations, automate routine tasks, and contribute to platform stability and audit readiness.
Key Responsibilities
- Identity Lifecycle (ILM): Operate and enhance joiner/mover/leaver processes, birthright and request-based access, de-provisioning, and orphan/rogue account clean-up.
- Provisioning & Reconciliation: Configure and support OIM 12c connectors
(trusted/target recon), scheduling, transformation rules, and troubleshooting end-to-end flows.
- Application Onboarding: Collect app requirements, map entitlements to roles, configure connectors/REST/CSV integrations, and test end-to-end provisioning.
- Directory & SSO Touchpoints: Work with LDAP directories (e.g., OUD/OID/AD), SSO standards (SAML/OAuth2/OIDC) and federation partners, coordinating with SSO engineers where applicable.
- Policies & Governance: Implement/maintain role-based access (RBAC/ABAC), SoD controls, approval workflows, and attestations/certifications (where applicable).
- Operational Excellence: Handle incidents, requests, problems, and changes using ITSM (ITIL v3/v4). Participate in on-call rotation for P1/P2s and planned maintenance.
- Security & Compliance: Support audit requests, evidence collection, access reconciliations, and remediation aligned with SOX/PCI/ISO27001.
- Documentation & Knowledge: Maintain solution designs, runbooks, SOPs, and KB articles; contribute to training and continuous improvement.
- Stakeholder Management: Collaborate with HRIS, App Owners, InfoSec, Service Desk, and Infrastructure teams to deliver consistent outcomes.
Scope & Expectations Level III – Detailed Responsibilities
- Serve as OIM 12c SME: architecture/design reviews, high availability, DR, capacity planning, performance tuning (recon/provisioning throughput, cache, DB tuning).
- Lead complex integrations: custom Java based OIM connectors, SOA/BPEL workflows, plugin/event handler development (pre/post process), and orchestration.
- Architect and drive role engineering (enterprise/birthright roles), attribute based policies, and delegated admin patterns.
- Implement advanced reconciliation patterns (multi source, identity correlation), and design exception handling and remediation workflows.
- Own application onboarding for high risk/mission critical systems; define patterns/templates/guardrails for scale.
- Integrate with cloud identity (e.g., Entra ID, AWS IAM, GCP IAM) and modernize towards just in time and zero trust aligned access models.
- Automate platform ops (CI/CD for configs/custom code, Infra as Code where possible), and establish observability (KPIs, dashboards, alerts).
- Steer audit/compliance readiness (SOX/PCI/ISO), design controls, and lead remediation.
- Mentor Level II analysts; conduct code reviews; define standards and best practices; contribute to roadmap and vendor engagement.
- Coordinate/lead major incidents (P1/P2), root cause analysis (RCA), and preventive actions.
Qualifications
- 4–6+ years in IAM; 2+ years deep on OIM 12c engineering/administration in large enterprises.
- Strong Java for OIM customizations (event handlers, schedulers, adapters), SOA/BPEL, and WebLogic administration.
- Expert in RBAC/ABAC, SoD, identity correlation, reconciliation/provisioning design, and connector framework.
- Proficient with REST/SOAP, JSON/XML, SQL/PL SQL, and performance troubleshooting (heap/GC/thread, DB explain plans).
- Proven experience with audit/compliance frameworks (SOX/PCI/ISO27001) and segregation of duties.
- Experience integrating with cloud identity (Microsoft Entra ID/Azure AD, SCIM/Graph) and hybrid patterns.
- Strong stakeholder leadership, communication, and mentoring skills. Nice to Have
- Exposure to SOA composites, OIM plug-ins/event handlers, and BI Publisher reporting.
- Experience with Azure AD/Microsoft Entra ID or other cloud identity providers.
- Understanding of RBAC modelling and SoD frameworks.
- Exposure to OAM, OUD, OID, and federation (ADFS/Entra ID).
- Hands-on with Kafka/queues, SIEM integrations for identity events, and Privileged Access Management touchpoints.
- Experience migrating from legacy OIM versions to 12c or adjacent platforms.
Technical Environment (Representative)
- Core: Oracle Identity Governance (OIG/OIM) 12c+, Oracle DB, Oracle WebLogic, SOA Suite
- Directories: Oracle Unified Directory (OUD), Active Directory
- Connectors: Out-of-the-box (AD/LDAP/DB), CSV/Flat-file, custom Java connectors
- Integration: REST/SOAP, SCIM (where applicable), HRIS (e.g., Workday/SuccessFactors) as authoritative sources
- Tooling: ServiceNow/Jira, Git/Bitbucket/Azure DevOps, CI/CD, Splunk/Elastic, Grafana/Prometheus (or equivalents)
- Security/Compliance: RBAC/ABAC, SoD, SOX/PCI/ISO controls, audit reporting (e.g., BI Publisher)
Key Performance Indicators (KPIs)
- Provisioning SLA compliance: e.g., 95% within defined SLA
- Reconciliation health: % of successful reconciliations, aging of unmatched/orphan accounts
- Incident metrics: MTTR for P1/P2, incident recurrence rate, change success rate
- Access hygiene: Reduction in excessive privileges; SoD violations identified/resolved
- Audit readiness: On-time evidence delivery; zero critical audit findings
- Automation & Quality: Reduction in manual tasks; defect leakage; test coverage for customizations
- Customer Satisfaction: Stakeholder CSAT and time-to-fulfill access requests
Education & Certifications
- Bachelor’s in computer science, Information Systems, or related experience.
- Preferred: Oracle Identity Governance/OIM certification, ITIL v3/v4 Foundation, Security certifications (e.g., CISSP, CCSP, CISM) and/or Microsoft SC-300 (Identity and Access Administrator).
Soft Skills
- Analytical problem solving, structured troubleshooting, and strong written documentation.
- Business partnering and requirements translation; ability to influence and drive consensus.
- Ownership in fast-paced, global, on-call environments.
Offers of employment are conditional upon passage of screening criteria applicable to the job
EEO Statement
Integrated into our shared values is NCR Voyix’s commitment to equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment.
Statement to Third Party Agencies
To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes
“When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”
