Security-Driven Technology Ownership
• Define and drive a secure, future-ready AM product roadmap aligned with our global IT and cybersecurity strategies.
• Ensure total compliance, risk mitigation, and secure configurations across all AM components to mitigate end-to-end cybersecurity risks.
Architecture, Build & Transformation
• Design and implement modern AM solutions, ensuring a seamless and secure transition from our legacy landscape.
• Translate complex security patterns and InfoSec requirements into robust Conditional Access policies and Zero Trust access controls.
Run & Service Excellence
• Oversee operations, manage L3 support, and ensure service performance.
• Guarantee strict adherence to ITIL processes, maintaining high-quality documentation, testing, and training for smooth handovers to IT Operations.
Leadership & Collaboration
• Lead, mentor, and coordinate a team of internal and external AM engineers.
• Provide technical leadership on identity security decisions, collaborating closely with Security, Architecture, Infrastructure (Network/Endpoints), and IAM (IGA/PAM) teams.
• Prioritize workloads across BAU, incidents, and project delivery.
Your Profile
Essential skills/knowledge/experience
• Experience: 8+ years as an IAM/Access Management professional in complex, international, hybrid environments.
• Security Mindset: A profound understanding of identity-related cybersecurity risks, Zero Trust architecture, and secure-by-design practices.
• Technical Mastery: Deep, proven expertise in the Microsoft Entra ID platform and identity protocols, with a holistic understanding of broader IT layers (Network, Compute, Endpoints).
• Education: Master’s degree in Computer Engineering or a related field.
• Certifications: Proven Microsoft Professional. SC-300 (Identity & Access) and/or AZ-500 (Azure Security) are highly preferred. SC-100 (Cybersecurity Architect) and ITIL are a big plus.
• Soft Skills: Strong verbal and written communication in English; experience with Agile methodologies (Jira) and technical workshop facilitation.
Desirable skills/knowledge/experience:
• Primary: Microsoft Entra ID (Conditional Access, Zero Trust controls)
• Hybrid/Legacy: Active Directory, Federation services (OpenAM), LDAP directories
• Protocols & Services: SAML, OAuth, OIDC, Certificate & PKI services (including Cloud PKI)