Candidate Experience

These questions assess your background and how it aligns with the role.
Tell me about yourself.

I am Tejaswini, born and brought up in India, and I came to the USA to pursue my
Master’s degree in Information Technology with a concentration in Information
Systems Security from the University of Denver.

I started my career as a Technology Analyst at Infosys, where I worked with multiple

U.S. clients across sectors like finance, banking, and digital commerce. Over the
years, I developed deep expertise in Identity and Access Management (IAM),
particularly in Active Directory, Okta, and Azure Entra ID.

With more than 3 years of IAM experience, I have worked on user lifecycle
management, handling user access provisioning, deprovisioning, and modification to
ensure compliance. I worked on integrating applications in Okta using SAML integration,
have implemented SSO (Single Sign-On) and MFA (Multi-Factor Authentication) to
strengthen authentication security, and also worked extensively with RBAC, Security
groups, and file share structures.

I have strong Excel experience in data analysis, access reviews, and bulk user
management. Additionally, I have worked on ServiceNow for ticket management and
used PowerShell to automate user provisioning/deprovisioning.

I am known for my ability to work with cross-functional teams, collaborating with

security, IT operations, and compliance teams to enhance IAM frameworks. I am now
looking for an opportunity where I can apply my IAM expertise to real-world projects,
and I believe this position at CoBank is a perfect fit.

1. How have you used SailPoint in your previous roles?

o I don’t have direct experience with SailPoint, but I have extensive

experience with OKTA in my previous roles. I have worked on user
provisioning, deprovisioning, role-based access control (RBAC),
SSO integrations, and Multi-Factor Authentication (MFA) using OKTA.
Additionally, I have experience with identity governance, access
reviews, and enforcing least privilege policies in IAM environments.
While I haven’t used SailPoint directly, my strong IAM background with
tools like OKTA, Active Directory, and Azure Entra ID allows me to
quickly adapt to new IAM platforms like SailPoint.
2. What’s your experience with Active Directory (AD)?
 o I have administered AD environments, including managing users,
groups, security policies, and file share permissions.

o I have worked on domain migrations, GPO automation, and access

control policies to enforce security best practices.

3. Can you describe a time when you worked on user access provisioning
and deprovisioning?

o At LivePerson Inc, I handled onboarding/offboarding workflows using

Active Directory and OKTA

o I worked on role-based access provisioning, ensuring users had only

necessary permissions based on their job roles.
o I also performed regular access audits to remove unnecessary privileges
and prevent unauthorized access.
4. How proficient are you with Excel? Have you used it for IAM-related tasks?

o I have done a project for Goldman Sachs and have strong Excel skills,
including VLOOKUP, pivot tables, conditional formatting, and macros.

o In my project, I used Excel for access audits, data analysis, and

reporting in IAM, ensuring compliance and security optimization.

5. Do you have any experience with IdentityNow or ServiceNow?

o I don’t have experience with IdentityNow, but I have worked extensively

with ServiceNow as a ticketing tool for incident management, task
management, and change management. In my previous roles, I handled
user access requests, security incidents, and IAM-related tasks
through ServiceNow. I prioritized and resolved incidents based on their
urgency and impact, ensuring they were addressed within the defined
SLA (Service Level Agreement). My experience with ServiceNow has
helped me efficiently manage IAM-related tasks, collaborate with cross-
functional teams, and maintain compliance with security policies.
6. Have you ever run PowerShell or Bash scripts? Can you describe a
situation where you used them?

 Yes, I have used PowerShell for automating user account

provisioning and deprovisioning.

 Running scripts to check group memberships and access logs.

 Managing file share permissions efficiently.

 7. IAM roles can be repetitive. How do you stay engaged and motivated in
such tasks?

o Yes, I have worked on repetitive tasks before, particularly with Active

Directory (AD) and IAM-related tasks. I understand that IAM roles require
a high level of accuracy and consistency, and I stay engaged by focusing
on efficiency and continuous improvement.

o To make repetitive tasks more manageable, I always look for ways to

streamline processes, whether by using automation (PowerShell scripts
for AD tasks), improving documentation, or optimizing workflows to reduce
manual effort.

Description of Job

These questions test your understanding of the role.

1. What do you understand about this role and its responsibilities?

o This role focuses on user access provisioning, modification, and

deprovisioning.

o It involves managing Active Directory, SailPoint, file share

permissions, and Exchange mailbox permissions.

o Attention to detail is key, as IAM tasks directly impact security and

compliance.

2. Have you worked in a structured IAM team before? What was your role?
o Yes, I was part of IAM teams at LivePerson and Select Portfolio
Servicing.

o Same as intro
3. This job involves a lot of repetitive tasks. How do you handle repetitive
work without losing accuracy?

o I ensure accuracy through automation and documentation.

o I use Excel for tracking and validating access requests.

o I maintain focus by setting priorities and following structured

workflows.
 4. What challenges have you faced when managing user access and
permissions, and how did you solve them?

o Challenge: Users requesting excessive access beyond their job roles.

o Solution: Implemented Role-Based Access Control (RBAC) to enforce
least privilege principles.
o Challenge: Delayed user deprovisioning after offboarding.

o Solution: Automated offboarding workflows using PowerShell.

5. How would you handle a request for access if you suspect it’s
unauthorized?

o I would verify the request with the manager or IAM policy.

o If unauthorized, I would escalate it to the security team for further

review.

6. Can you explain the process of user onboarding and offboarding in IAM?

o Onboarding:

 Create user accounts in Active Directory and sync them to

OKTA.

 Assign appropriate roles, group memberships, and set MFA.

o Offboarding:

 Disable user accounts immediately after offboarding.

 Revoke application access and email permissions.

 Conduct an access review to ensure no active credentials
remain.

Expectations

1. What are your expectations from this role?

o I expect to contribute to IAM security, access management, and

compliance enforcement.

o I look forward to working with IAM tools like SailPoint, Active

Directory, and Excel to streamline processes.

2. How do you prioritize tasks when handling multiple user access requests?
 o I follow a ticketing system (ServiceNow) and prioritize based on urgency
and business impact.

3. How do you ensure accuracy and compliance in IAM processes?

o I ensure compliance by conducting regular audits and following IAM
policies, and also by enforcing RBAC, and performing access
reviews.

o Also by using Excel reports to validate user permissions.

4. What steps do you take when troubleshooting access-related issues?

o Verify user credentials and group memberships.

o Check Active Directory logs for errors.

o Consult IAM policies and escalate if necessary.

5. Have you worked in environments with strict security policies? How do you
ensure compliance?

o Yes, I have worked in finance and enterprise environments with strict

security standards.
o I ensure compliance by conducting regular audits and following IAM
policies, and also by enforcing RBAC, and performing access
reviews.

Company Culture

1. What type of work environment do you thrive in?

o I thrive in structured, collaborative environments where I can apply
IAM security principles and improve workflows.

2. This role requires attention to detail and patience. How do you maintain
focus in repetitive tasks?

o By using automation, setting clear goals, and tracking progress

using Excel or ServiceNow.

3. How do you handle feedback or process changes?

o I see feedback as an opportunity to improve and adapt to new IAM

security requirements.
Minor Technical Questions

1. How do Active Directory groups and permissions work?

o AD groups are used to assign permissions to users.

o There are security groups (for access control) and distribution

groups (for emails).

2. What is the difference between role-based access control (RBAC) and

discretionary access control (DAC)?

o RBAC: Access is granted based on predefined roles.

o DAC: Access is granted at the discretion of the data owner.

3. What is the purpose of Exchange mailbox permissions?

o They control who can access, send, or manage an Exchange mailbox.

4. How would you run a basic PowerShell script to check user permissions?

powershell
CopyEdit

Get-ADUser -Identity "username" -Properties MemberOf

Do you have any questions for us?

Can you give me some information about the team I’m going to work with.

What are the next steps in the hiring process and when can I expect to hear back

What do you know about the Company?

CoBank is a national cooperative bank and a key member of the Farm Credit System,
which provides financial services to rural America. Its mission is to support
agribusinesses, rural infrastructure providers, and related industries by offering
loans, leases, and other financial solutions. The bank primarily serves agriculture,
energy, water, and communications sectors in all 50 states.