CrawlJobs Logo

Access Management IAM Engineer

rewe-digital.com Logo

REWE digital

Location Icon

Location:
Spain , Málaga

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for an IAM Engineer/IT Engineer to support the modernization of our IAM landscape by designing, implementing, and maintaining innovative technical solutions. Someone who builds and administers IAM and IGA platforms to provide the foundation for automation, self-service, and compliance. You will be responsible for the administration and optimization of our Identity Governance Administration (IGA) platform to ensure secure, efficient, and reliable access for our business applications.

Job Responsibility:

  • Design, build, and operate a secure and scalable Identity Governance & Administration (IGA) platform as the foundation for automation and self-service
  • Develop and maintain technical connectors (e.g via SCIM or REST API) to integrate target systems like AD, Azure/Entra ID, SAP, and various SaaS applications into the IGA platform
  • Support the maintenance of CI/CD pipelines and containerized environments (Docker, Kubernetes) for the deployment and evolution of the IAM platform
  • Perform hands-on configuration of the IGA tool to align with business requirements
  • Implement and optimize role-based and context-based access control models (RBAC, CBAC, ABAC, NBAC)
  • Collaborate with security teams to ensure compliance and enable Zero-Trust architectures

Requirements:

  • Degree in Computer Science or equivalent qualification
  • Proven experience in Identity Governance & Administration (IGA) and IAM platforms
  • Practical knowledge of directory services (Active Directory, Entra ID, Keycloak)
  • Analytical mindset and ability to design complex authorization models
  • Strong communication and collaboration skills
  • Complete fluency in written and spoken English
  • Strong understanding of Authentication/Authorization and Identity & Access Management/Identity Governance (JML, SoD, Recertification etc.) concepts
  • Hands-on experience in platform engineering and automation desirable
  • Proficiency in scripting and developing languages (Groovy, Java, XML, JSON)
  • Skill in analyzing data and creating consistent structures
  • Experience working in agile environments (e.g., Scrum or Kanban) and a "ProductLed" mindset
  • Growth mindset and passionate about leveraging new technologies to drive efficiency

Nice to have:

  • Knowledge of MidPoint or similar IGA solutions
  • Experience in workflow orchestration and platform modernization
  • Understanding of Zero-Trust principles and security best practices
What we offer:
  • Hybrid work and flexible working time
  • Company conditions for private medical insurance
  • Ticket Restaurant
  • Professional development opportunities: English/German courses, and further IT education/trainings
  • Day off on your Birthday
  • 25 days paid vacation
  • A startup-like culture with fascinating opportunities, combined with the security of being part of a major corporate force
  • Challenging tasks but also a tech playground
  • Work in a modern office, fostering creativity, collaboration, and agility
  • A flexible, autonomous work environment where your ideas will contribute to our collective success
  • Open communication culture in an international environment with steady growth

Additional Information:

Job Posted:
March 20, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
REWE digital - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Access Management IAM Engineer

Identity & Access Management (IAM) Engineer

As a member of the Information Services Department, the Identity & Access Manage...
Location
Location
United States , Pittsburg, Philadelphia, Warrington, Exton, or Blue Bell
Salary
Salary:
Not provided
benchmarkmakers.com Logo
Benchmark Makers
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in information security or related field required
  • Minimum of five years in an IAM role required
  • Knowledge of Authentication Frameworks (SAML, OAuth, JWT, API Tokens)
  • Experience using languages such as Powershell, Python, or other current programming and scripting languages
  • Working knowledge of Active Directory/EntraID and their sub-services (Authentication, Authorization, Conditional Access, Multifactor, etc.)
  • Strong analytical and problem-solving skills to enable effective security event and problem resolution
  • Proficiency in working with APIs using Rest/Soap/Oauth
  • IGA experience required, preferably Sailpoint
  • Knowledge of compliance standards (HIPAA, CCPA, GDPR, etc.)
  • Knowledge of RBAC/ABAC principles and their implementations
Job Responsibility
Job Responsibility
  • Design and Implement Authentication and Authorization frameworks to protect systems and information
  • Develop and Maintain Single Sign-On configurations used by the organization
  • Create and develop IAM solutions for internal requirements and client requests
  • Collaborate and coordinate with other teams to establish security protocols across the Firm
  • Develop and maintain IGA solutions to provide efficient and effective lifecycle and access management
  • Create, develop, and maintain enforcement mechanisms to ensure that Firm policies are being adhered to across the Firm
  • Administration of Active Directory and EntraID services
  • Management of Enterprise and Team level projects while achieving deadlines set by the Firm
  • Respond and resolve to tickets incoming from End Users and other IT Members
  • Responsible for the development and administration of the IGA and PAM systems
  • Fulltime
Read More
Arrow Right

Identity & Access Management (IAM) Engineer

As a member of the Information Services Department, the Identity & Access Manage...
Location
Location
United States , Raleigh
Salary
Salary:
Not provided
benchmarkmakers.com Logo
Benchmark Makers
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in information security or related field required
  • Minimum of five years in an IAM role required
  • Knowledge of Authentication Frameworks (SAML, OAuth, JWT, API Tokens)
  • Experience using languages such as Powershell, Python, or other current programming and scripting languages
  • Working knowledge of Active Directory/EntraID and their sub-services (Authentication, Authorization, Conditional Access, Multifactor, etc.)
  • Strong analytical and problem-solving skills
  • Proficiency in working with APIs using Rest/Soap/Oauth
  • IGA experience required, preferably Sailpoint
  • Knowledge of compliance standards (HIPAA, CCPA, GDPR, etc.)
  • Knowledge of RBAC/ABAC principles and their implementations
Job Responsibility
Job Responsibility
  • Design and Implement Authentication and Authorization frameworks to protect systems and information
  • Develop and Maintain Single Sign-On configurations used by the organization
  • Create and develop IAM solutions for internal requirements and client requests
  • Collaborate and coordinate with other teams to establish security protocols across the Firm
  • Develop and maintain IGA solutions to provide efficient and effective lifecycle and access management
  • Create, develop, and maintain enforcement mechanisms to ensure that Firm policies are being adhered to across the Firm
  • Administration of Active Directory and EntraID services
  • Management of Enterprise and Team level projects while achieving deadlines set by the Firm
  • Respond and resolve to tickets incoming from End Users and other IT Members
  • Responsible for the development and administration of the IGA and PAM systems
  • Fulltime
Read More
Arrow Right

Identity and Access Management Engineer

Do you have experience designing and implementing Identity and Access Management...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
easygo.io Logo
Easygo Gaming
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 3-5 years hands-on experience administering and architecting enterprise Identity and Access Management systems, particularly Okta or similar IAM platforms
  • Advanced technical expertise with modern identity protocols and standards including OIDC (OpenID Connect), SAML, and SCIM implementations
  • Proven experience managing Google Workspace as an Identity Provider, including application integrations and access management
  • Demonstrated ability to design identity architectures that balance security requirements with user experience and operational efficiency
  • Track record of successfully evaluating, selecting, and implementing identity technologies in production environments
  • Experience configuring SSO integrations for SaaS and enterprise applications using federated identity protocols
  • Strong understanding of authentication mechanisms including Multi-Factor Authentication (MFA), passwordless authentication, and passkey technologies
  • Practical knowledge of authorization models, role-based access control (RBAC), and attribute-based access control (ABAC) concepts
Job Responsibility
Job Responsibility
  • Design and architect enterprise identity and access management solutions that scale across nearly 2,000 global employees while maintaining security and operational efficiency
  • Serve as the organization's IAM subject matter expert, providing authoritative guidance on identity technologies, standards, and best practices to stakeholders across IT, Security, and Development teams
  • Develop comprehensive identity architecture roadmaps to uplift and modernize access control systems across the organization, aligning with business growth and security requirements
  • Evaluate, procure, and implement identity tools and platforms to continuously enhance IAM capabilities and address evolving organizational needs
  • Manage and optimize Google Workspace as the primary Identity Provider, ensuring seamless integration with enterprise applications and services
  • Configure and maintain enterprise identity systems including Okta and related IAM platforms, implementing OIDC, SAML, and SCIM integrations for application access
  • Provide expert consultation to product and engineering teams on customer-facing authentication systems, advising on MFA implementation, passkey adoption, and secure authentication flows
  • Design and enforce access control policies and authorization frameworks in alignment with least privilege and zero trust principles
  • Lead identity-related projects from conception to deployment, managing stakeholder expectations and delivering measurable improvements to identity operations
  • Automate identity lifecycle management processes including provisioning, de-provisioning, and access recertification workflows
What we offer
What we offer
  • In-house baristas serving free coffee, tea, fresh juices, and smoothies
  • Daily catered breakfast and regular company-wide events
  • Snack walls and drink fridges on every floor
  • Fun /modern office spaces with pool tables, table tennis, gaming consoles, and an F1 simulator
  • Access to our Employee Assistance Program for you and your loved ones
  • 9,000+ courses on our Learning & Development platform
  • One paid volunteer day per year
  • Weekly Wednesday massages by professional masseuses
  • Team budgets for lunches and activities to celebrate achievements
  • Social sports teams and participation in Corporate Games
  • Fulltime
Read More
Arrow Right

IAM - Privileged Access Management Principal

Principal PAM Architect to lead the strategy, architecture, design, and implemen...
Location
Location
United States , Houston
Salary
Salary:
117500.00 - 270000.00 USD / Year
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
  • 8+ years in cybersecurity or IT with demonstrated hands-on PAM specific experience in enterprise-scale environments
  • Proven experience in architecture, design, and implementation of PAM solutions across large, complex enterprises
  • Deep technical expertise with CyberArk (Privileged Cloud and on-prem)
  • Strong knowledge of Zero Trust principles, JIT/JEA access models, and privileged identity lifecycle management
  • Experience integrating PAM with cloud platforms (Azure, AWS, GCP), DevOps pipelines, and enterprise IT ecosystems
  • Experience with secrets management platforms (CyberArk Conjur, HashiCorp Vault, AWS Secrets Manager, etc.)
  • Working knowledge of modern authentication standards (SAML, OIDC, FIDO2, MFA, passwordless)
  • Hands-on expertise with Windows, Linux, Active Directory, and cloud IAM models
  • Good understanding of the privilege access models of Active Directory, Azure/Entra ID, AWS and GCP
Job Responsibility
Job Responsibility
  • Define PAM strategy, roadmap, and reference architectures aligned to enterprise security and compliance requirements
  • Design and implement scalable PAM solutions for large, complex environments across on-prem, hybrid, and multi-cloud infrastructures
  • Incorporate Zero Trust, Just-in-Time (JIT), and Just Enough Access (JEA) models into PAM solutions
  • Lead the enterprise rollout and lifecycle management of CyberArk Privileged Cloud and related modules
  • Implement and manage privileged session monitoring, endpoint privilege management (EPM), and application-to-application password management
  • Drive integration of PAM with identity providers, SIEM/SOAR, ITSM, and DevOps pipelines
  • Establish and enforce policies for privileged access governance, auditing, and regulatory compliance
  • Conduct regular reviews of PAM controls to prevent credential theft, lateral movement, and unauthorized access
  • Act as the PAM subject matter expert (SME), advising executives, architects, and engineering teams on privileged access security
  • Mentor and guide engineering teams on PAM best practices and secure operations
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Sr. IAM Engineer (PAM)

The Senior Identity and Access Management (IAM) Engineer specializing in Privile...
Location
Location
India , Gurgaon
Salary
Salary:
1350000.00 INR / Year
realign-llc.com Logo
Realign
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a related field
  • 5+ years of experience in Identity and Access Management, with a focus on Privileged Access Management
  • Strong knowledge of PAM solutions, such as CyberArk, BeyondTrust, or Thycotic
  • Experience with implementing IAM frameworks, such as RBAC, ABAC, and PBAC
  • Excellent communication and problem-solving skills
  • Ability to work collaboratively in a team environment
Job Responsibility
Job Responsibility
  • Design, implement, and maintain Privileged Access Management solutions to safeguard critical systems and data
  • Develop and enforce access controls, policies, and procedures to protect sensitive information
  • Collaborate with stakeholders to define and implement IAM strategies that align with business objectives
  • Monitor and analyze access logs and security incidents to detect and respond to threats in a timely manner
  • Automate identity lifecycle management processes to improve efficiency and compliance
  • Provide technical guidance and support to junior engineers and team members
  • Stay current on industry trends and emerging technologies in IAM and cybersecurity
  • Fulltime
Read More
Arrow Right

IAM Infrastructure Engineer

The role is part of the Identity and Access Management Build and Integration tea...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years' experience implementing, operating, building and maintaining access management solutions (Ping Access, Ping Federate, Ping Directory) supporting single sign-on (SSO) with 4+ years' experience in Unix/Linux
  • Demonstrated experience with authentication and authorization technologies and protocols such as SAML, WS-Fed, OAuth, OpenID/OpenID Connect, one-time passcodes, PKI, FIDO, PBAC, RBAC
  • Experience in managing projects, leading operational process change and improvement and delivering infrastructure technologies products and services
  • Experience in financial services or large complex and/or global environment preferred
  • Demonstrated ability to both work independently and partner with virtual teams in a high-pressure matrix environment
  • Demonstrated ability to take ownership of various parts of a project/initiative with tight deadlines or unexpected changes in expectation/ requirements
  • Consistently clear and concise written and verbal communication with ability to communicate technical concepts to a non-technical audience
Job Responsibility
Job Responsibility
  • Review the design for Modern Access Control infrastructure with architecture and engineering teams
  • Deploy system capabilities incrementally and provide user authentication, SSO, federation, Role-Based and Attribute-Based Access Control
  • Manage auditing and reporting capabilities that are integrated with Citi enterprise logging and monitoring tools
  • Provide in-depth and sophisticated analyses, technical guidance and direction and identify and monitor key indicators to gauge performance and identify trends
  • Identify and resolve issues, engaging in Root Cause Analysis (RCA)
  • Understand diverse stakeholder needs and share and influence stakeholder expectations
  • Fulltime
Read More
Arrow Right

ForgeRock Engineer

Seeking a technically proficient Engineer with strong ForgeRock experience and t...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in IAM
  • 4+ years in ForgeRock technologies
  • Strong hands-on experience with ForgeRock AM, IDM, DS, and Identity Gateway
  • Proficiency in Java/Javascript, Python, RESTful APIs, JSON, LDAP, and scripting languages
  • Deep understanding of identity protocols: OAuth2, OpenID Connect, SAML 2.0
  • Experience with CI/CD pipelines, containerization (Docker/Kubernetes), and cloud platforms (AWS, Azure)
  • Familiarity with DevSecOps practices and secure coding standards
  • Excellent troubleshooting, debugging, and performance optimization skills
  • Good communication skills with stakeholders and migration lead experience
Job Responsibility
Job Responsibility
  • Designing, implementing and supporting ForgeRock-based IAM solutions (now Ping) aligned with needs and best practices
  • Collaborating with DevOps and infrastructure teams to support migration, deployment and production operations
  • Work with team on end-to-end migration of IAM systems to ForgeRock platforms
  • Design and implement custom connectors, workflows, and scripts for data transformation and synchronization
  • Integrate ForgeRock components with enterprise systems (Entra, LDAP, AD, REST APIs, cloud services)
  • Develop and maintain automation scripts using Java, Groovy, Python, or Shell
  • Configure and deploy ForgeRock modules: Access Manager (AM), Identity Manager (IDM), Directory Services (DS)
  • Conduct performance tuning, load testing, and security hardening of IAM infrastructure
  • Collaborate with architects and security teams to align IAM solutions with enterprise standards
  • Producing and documenting migration strategies, technical designs, and operational procedures
  • Fulltime
Read More
Arrow Right

IAM Senior Engineer - Active Directory/Entra ID

HPE Global IT is seeking a highly skilled Senior Active Directory (AD), Entra ID...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
  • 10+ years of IT or cybersecurity experience
  • 7+ years focused on AD, Entra ID, and Azure identity engineering in enterprise-scale environments
  • Deep hands-on experience managing multi-forest AD environments (schema, replication, delegation, GPOs, DNS, DHCP)
  • Strong expertise with Entra ID and hybrid identity integration (Entra Connect / Cloud Sync, federation, SSO)
  • Hands-on experience with Azure governance, RBAC, PIM, and access policy enforcement
  • Experience implementing conditional access, passwordless, and phishing-resistant MFA in Entra and Azure
  • Proficiency in PowerShell scripting, Graph API, and Azure automation for identity management and reporting
  • Solid understanding of authentication protocols (Kerberos, NTLM, LDAP, SAML, OIDC, OAuth2)
  • Familiarity with Zero Trust, tiered admin models, and directory hardening practices
Job Responsibility
Job Responsibility
  • Engineer, deploy, and optimize Active Directory, Entra ID, and Azure identity services across enterprise-scale hybrid environments
  • Design and manage multi-forest AD architectures, including schema extensions, replication, delegation, and hardening
  • Implement and maintain cross-domain and cross-tenant synchronization between AD and Entra ID using Entra Connect or Cloud Sync
  • Engineer secure authentication and federation flows leveraging Kerberos, NTLM, SAML, OIDC, and OAuth2
  • Implement and enhance conditional access, MFA, passwordless, and FIDO2 authentication methods in Entra and Azure environments
  • Support Zero Trust Directory Security through tiered administration, least privilege, and delegated access controls
  • Partner with cloud and infrastructure teams to ensure secure integration of Azure resources with enterprise identity services
  • Maintain and secure domain controllers, DNS, DHCP, and Group Policy Objects (GPOs) across global environments
  • Manage Azure AD tenants, subscriptions, and resource access controls (RBAC, PIM, Entra roles)
  • Integrate on-prem AD with Azure workloads, Microsoft 365, Intune, and other SaaS applications
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy