ProfessionalVendor-specificSailPoint· issued from US

SailPoint Identity Engineer

SailPoint Certified Identity Security Engineer

Designs and engineers SailPoint identity solutions across IdentityIQ and Identity Security Cloud (ISC).

Official page at SailPoint ↔ Compare with another cert

Exam fee

$600

Ongoing

$0/yr AMF

Study time

80–160 hrs

Delivery

Hybrid

Validity

Lifetime

› Quality score

22.0 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor

How well-defined and rigorous the exam blueprint is.

Vendor blueprint tied to the current SailPoint ISC / IdentityIQ release. Engineering-tier scope is broader than the Admin cert.

5.5/10

Practical evidence

Hands-on labs / written reports vs pure MCQ.

Hands-on lab plus written segment — solid for a vendor cert but not parity with pure-lab exams.

6.0/10

Currency & upkeep

How aggressively content is kept current with the field.

Tracks SailPoint product release cadence; updates lag major UI changes by a quarter or two.

5.0/10

Market recognition

How often this signal actually moves a hiring decision.

Recognised on enterprise IGA listings, especially in shops standardising on Identity Security Cloud. Narrow portability outside SailPoint estates. [Holders: vendor doesn't publish]

5.5/10

› Market signals

public, citable inputs to the recognition score

Holders worldwide

5,000

as of 2024-12 · source

SailPoint does not publish certified-holder counts; estimate from partner-channel signals.

› Built for these roles

Identity Security EngineerIGA Engineer (SailPoint-track)IAM Implementation Engineer

› Exam format

Combined written MCQ exam plus hands-on lab segment against a SailPoint instance. ~3 hours total. Covers source onboarding, role modelling, certifications, and lifecycle workflows.

› Recertification

Credential is permanent — no formal recertification, though re-examination is recommended after major product releases.

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

DD-WRL-004IO-WRL-005

Recognition

GlobalUSEU

Exam languages

› Core domains covered

The 2 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A6Identity & Access Management

AuthN/AuthZ, SSO, MFA, PAM, RBAC/ABAC, identity governance, FIDO2/passkeys, plus non-human identity: service accounts, workload identity, agent / plugin identities.

A1Governance, Risk & Compliance

Risk frameworks (NIST RMF, ISO 31000, FAIR), policy development, audit, regulatory compliance, third-party risk.

› Also touched

Present in the blueprint but not the primary focus — you’ll be introduced but shouldn’t expect depth.

A3Zero Trust Architecture

Zero trust principles, micro-segmentation, NIST SP 800-207, ZTNA, continuous verification, BeyondCorp.

A5Cloud Security

AWS/Azure/GCP security controls, IAM policies, CSPM, container security, shared responsibility model.

› Prerequisites

Experience

1–2 years of hands-on SailPoint administration. Vendor-run engineering course strongly recommended.

Knowledge assumed

SailPoint role modelling and lifecycle workflows
Source onboarding and aggregation
BeanShell / Java-based rule customisation

› Progression

requiredrecommended

Where this cert fits in the typical learning path. Required edges are vendor-gated; recommended edges reflect de facto industry progression.

Required prereqs (0)

No vendor-gated prereqs.

Recommended priors (1)

SailPoint IdentityIQ AdminSailPoint

SailPoint Identity Engineer

SailPoint

Required by (0)

No certs require this one.

Recommended next (0)

No follow-on certs reference this one yet.

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain map Browse all certifications