Career 9 min read

From Helpdesk to IAM Analyst: The Roadmap I Wish I'd Had at the Start

Chiamaka Simon-Okeke
Chiamaka Simon-Okeke IAM & Identity Governance Analyst | SC-300 | Security+ • June 5, 2025
From Helpdesk to IAM Analyst: The Roadmap I Wish I'd Had at the Start

If you've spent two years on a helpdesk, you've done more IAM work than you realize. Every password reset, every group membership change, every "I can't access the shared drive" ticket that ended in a quiet Active Directory edit — that's IAM. You just weren't calling it that.

The transition into a formal IAM Analyst role is mostly about three things: credentials, vocabulary, and a small portfolio of evidence. None of it requires a career break.

Credentials — the boring part that opens doors

Microsoft SC-300 (Identity & Access Administrator Associate) is the most-asked-for cert in IAM job descriptions in 2024. It is not particularly hard. It is, however, the most reliable single signal you can put on a resume that you are serious about this track.

CompTIA Security+ is the second-most-common ask. It is more general, but it pairs well with SC-300 — together they tell a recruiter "this person is on an IAM track and they understand the security context they sit inside of".

For SailPoint shops specifically, the SailPoint IIQ Professional Certification is gold. It's also expensive and harder to get if you don't already work somewhere that uses SailPoint, so don't start there.

Vocabulary — the part most people underestimate

A hiring manager scanning your resume in 20 seconds is looking for words they recognize from job descriptions. The work you already did at the helpdesk is IAM work; you just have to use the IAM-shaped names for it.

  • "Password reset for an offboarding employee" becomes "executed leaver workflow including credential revocation across affected systems".
  • "Added them to the right shared mailbox group" becomes "joiner workflow with role-based access provisioning against least-privilege baseline".
  • "Cleaned up a bunch of accounts that hadn't logged in" becomes "executed an Active Directory hygiene project covering dormant accounts, group sprawl, and access certifications".

None of this is dishonest. The work was real. You're just describing it in the language the hiring manager is searching for.

A small portfolio of evidence

One documented project will move you from "interesting candidate" to "ready to interview". The easiest project to scope: a quarterly Active Directory hygiene exercise. Pull dormant accounts. Disable. Document. Capture before/after metrics. Write a one-page summary. Sanitize and put it on a GitHub gist or a personal site.

That is a real artifact. It tells a hiring manager you have done the work, can document the work, and can think about the work in terms of measurable outcomes. The combination is rarer than it should be.

The actual timeline

For someone working on a helpdesk now: SC-300 in 8-12 weeks of evening study. Vocabulary rewrite of the resume in an afternoon. A hygiene project, captured properly, in one weekend per quarter. Six months from a standing start to an IAM-tagged resume that survives a recruiter's first pass.

That's it. There is no secret door. There is just paperwork, vocabulary, and one weekend of actual evidence — repeated until somebody calls back.

Tags: Career