Privance
Apply now
// curriculum

The skills employers actually hire for.

Identity security is a specialty, not a generalist track. You go deep on the exact tools and frameworks that show up in real job descriptions, working in live environments instead of watching slides. The path is built in two levels: Level 1 lays the foundations with Chad, and Level 2 takes you into advanced work and the full governance, risk, and compliance stack with Lance.

CyberArkOktaActive Directory SOXHIPAANIST
// level 1 · foundations

Foundations: the platforms underneath everything.

Level 1 assumes no prior tech background. You build a working understanding of how enterprise identity is structured, get your first hands-on privileged-access work, and learn the tooling that the rest of the program connects to.

Privileged access (CyberArk)

Privileged accounts are the most powerful credentials in any organization, and CyberArk is the platform most enterprises use to lock them down. You start by learning what privileged access is, why it is targeted, and how a vault keeps those secrets controlled.

  • Vault and safe structure: how credentials are stored and segmented
  • Account onboarding and the basics of managing privileged accounts
  • Introduction to the Central Policy Manager (CPM) and rotation
  • Introduction to the Privileged Session Manager (PSM)
  • Core access policies and least-privilege thinking

Identity and SSO (Okta)

Okta is how modern organizations centralize who can sign in and what they can reach. You learn how single sign-on and multi-factor authentication work, then practice the lifecycle tasks that identity teams handle every day.

  • Single sign-on (SSO) and federation fundamentals
  • Multi-factor authentication (MFA) and authentication policies
  • User lifecycle: create, update, deactivate, and offboard
  • Groups, roles, and application assignments
  • How Okta connects to directories and downstream apps

Active Directory

Active Directory is the backbone that nearly everything else in IAM connects to. You learn how enterprise identity is organized, how access is granted through groups, and how the pieces of a domain fit together.

  • Domains, forests, and organizational units (OUs)
  • Users, groups, and group-based access
  • Delegation and basic administrative boundaries
  • Group Policy fundamentals
  • How AD feeds identity into Okta and CyberArk
See how Level 1 and Level 2 connect →
// the gate

Foundations first. Advanced work when you are ready.

No one moves to Level 2 before the fundamentals are genuinely solid. When Chad signs off, you advance to the deeper CyberArk, Okta, and Active Directory work and the full compliance stack.

Apply now Compare packages
// level 2 · advanced

Advanced: deeper into the same platforms.

Level 2 takes the tools you met in foundations and pushes into the work that real identity engineers do: designing access, automating it, and managing privileged sessions at scale. This track is led by Lance, a practicing identity and privileged-access engineer.

Advanced CyberArk

You move from understanding the vault to operating it. This is where session management, credential rotation, and onboarding at scale become hands-on skills you can speak to in an interview.

  • Privileged Session Manager (PSM): monitoring and isolating sessions
  • Central Policy Manager (CPM): automated credential rotation
  • Bulk account onboarding and platform configuration
  • Safe design, access workflows, and approval flows
  • Session recording and audit trails for privileged activity

Advanced Okta and provisioning

You go beyond logging in to designing how identity flows through an organization: automated provisioning, policy-driven access, and the integrations that connect Okta to everything else.

  • Automated provisioning and deprovisioning across applications
  • SAML and OIDC application integration
  • Conditional and risk-based authentication policies
  • Directory integration and identity sources
  • Lifecycle automation and access request workflows

Advanced Active Directory

You learn to design and secure the directory, not just navigate it: how access is structured, where it goes wrong, and how identity teams keep it clean and auditable.

  • Group and OU design for least privilege
  • Delegated administration and tiered access models
  • Group Policy at scale and security baselines
  • Synchronization between AD and cloud identity
  • Common access risks and how to remediate them
// level 2 · governance, risk & compliance

The compliance work that keeps regulated companies running.

Technical skill gets you in the door. Knowing the governance and compliance side is what makes you valuable to regulated employers in finance and healthcare. You learn the frameworks from real practice and connect them back to the access work you have already done.

Governance and SOX

SOX is where identity meets the auditor. You learn the access-control work that keeps public companies compliant, and how to produce the evidence an audit actually asks for.

  • Access reviews and periodic recertification
  • Segregation of duties (SoD) and conflict detection
  • IT general controls (ITGC) over access
  • Gathering and presenting audit evidence
  • Provisioning and deprovisioning as a controlled process

HIPAA and healthcare data

Healthcare is one of the largest employers of identity and access talent. You learn how protected health information is safeguarded through access control and what compliance looks like day to day.

  • Protected health information (PHI) and why it is regulated
  • The Privacy and Security Rules at a working level
  • Role-based access and the minimum-necessary principle
  • Access logging and audit controls for sensitive data
  • How identity teams support HIPAA compliance

NIST frameworks

NIST gives organizations a recognized language for managing risk. You learn how the major frameworks fit together and how identity controls map into them.

  • The Cybersecurity Framework (CSF) and its core functions
  • The Risk Management Framework (RMF) at a high level
  • Access-control families and how they map to your work
  • Identifying, assessing, and managing risk against a standard
  • How frameworks connect to SOX and HIPAA in practice
// bringing it together

A capstone that ties the tools to the frameworks.

Level 2 closes with applied work that connects what you have learned. You take privileged access, identity, and directory skills and put them to work against real governance and compliance requirements, the same way the job will ask you to. On Platinum, your capstone runs under Privance and becomes a defensible line on your resume, not a fabricated one.

// now enrolling

Ready to learn the skills employers hire for?

Apply to talk through your background and find the right package, or compare what each one includes. Platinum seats are limited per cohort.

Apply now Compare packages