Lifecycle Operations Playbook
RCCE students will learn the complete identity lifecycle from provisioning through deprovisioning, covering joiner-mover-leaver processes, account creation workflows, role-based access assignments, periodic access recertification, and timely account deactivation. RCCE students will learn to design identity lifecycle automation using identity governance platforms, implement approval workflows for access requests, detect orphaned and dormant accounts, enforce separation of duties, and integrate HR systems with identity providers to ensure access rights accurately reflect current employment status and job responsibilities. This operations-focused course delivers production-ready playbooks, checklists, and standard operating procedures. At an expert level, RCCE students will learn to build repeatable day-to-day operational workflows that ensure consistency and quality. Students receive templates and frameworks they can customize and deploy immediately in their security operations, reducing time to operational effectiveness.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Lifecycle Operations Playbook
- Execute hands-on tasks for lifecycle operations playbook
- Execute hands-on tasks for knowledge goals — covering Master full identity lifecycle, JML automation workflows.
- Execute hands-on tasks for skills goals — covering Deploy access recertification, orphaned accounts at scale.
- Execute hands-on tasks for operational outcomes — covering Reduce provisioning latency below 4 hours, Achieve 99% deprovisioning SLA.
- Explain Identity Lifecycle Framework Overview fundamentals
- Execute hands-on tasks for framework principles — covering Least privilege enforced at every transition, Automation first — manual only as exception.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for critical timing requirements — covering Joiners: access ready before Day 1 start, Movers: old access removed within 24 hours.
- Execute hands-on tasks for joiners: access ready before day 1 start — covering Movers: old access removed within 24 hours.
- Execute hands-on tasks for joiner process — account creation workflow
- Integrate privilege controls with identity providers and SIEM telemetry
- Execute hands-on tasks for automation checkpoints — covering employee ID uniqueness, Verify manager chain exists.
| Module 01 | Lifecycle Operations Playbook |
| Module 02 | Knowledge Goals |
| Module 03 | Skills Goals |
| Module 04 | Operational Outcomes |
| Module 05 | Identity Lifecycle Framework Overview |
| Module 06 | Framework Principles |
| Module 07 | Joiner-Mover-Leaver Model |
| Module 08 | Critical Timing Requirements |
| Module 09 | Joiners: access ready before Day 1 start |
| Module 10 | Joiner Process — Account Creation Workflow |
| Module 11 | Identity Provider → |
| Module 12 | Automation Checkpoints |
| Module 13 | Validate employee ID uniqueness |
| Module 14 | Error Handling |
All hands-on labs run on Rocheston Rose X OS. Students practice lifecycle operations playbook by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for lifecycle operations playbook
- Lab 2: Execute hands-on tasks for knowledge goals
- Lab 3: Execute hands-on tasks for skills goals
- Lab 4: Execute hands-on tasks for operational outcomes
- Lab 5: Explain Identity Lifecycle Framework Overview fundamentals
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Lifecycle Operations Playbook, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI