CrawlJobs Logo

Senior Identity & Access GRC Engineer

Romania, Bucuresti · Job Posted July 02, 2026
Apply Position
Job Link Share

Job Description

Senior Identity & Access Governance Engineer is responsible for the design, implementation and continuous improvement of Identity and Access Management (IAM) controls across the organization to mitigate cyber risk and ensure compliance with local/international regulatory requirements. The role sits within the GRC function and acts as the technical authority for identity governance, ensuring the translation of policies into enforceable and auditable technical controls across on-premises, cloud and hybrid environments. This is a senior, hands-on role with governance responsibilities and cross-functional influence, who will design the operating model, define governance frameworks, implement risk-based controls and set the IAM maturity level at the enterprise level.

Job Responsibility

  • Define IAM governance framework, standards and control structure
  • Design IAM operational model
  • Translate IAM policies and standards into applicable technical controls
  • Design and maintain enterprise-wide RBAC models aligned with business roles and risk levels
  • Define and enforce Segregation of Functions (SoD) controls
  • Establish Key Risk Indicators (KRIs) and control effectiveness metrics
  • Maintain IAM documentation and record repository
  • Create an IAM maturity roadmap
  • Ensure alignment with Zero Trust principles
  • Design and optimize Joiner Mover Leaver processes
  • Ensure automatic provisioning and revocation of access in critical systems
  • Reduce accounts orphaned, inactive, and overprivileged
  • Integrate IAM with authoritative sources (HR and identity sources)
  • Define SLAs for deprovisioning and monitor compliance
  • Establish access recertification governance
  • Define governance framework for Privileged Access Management (PAM)
  • Reduce permanent administrative privileges
  • Implement Just in Time (JIT) and least privilege / Just Enough Access (JEA) principles
  • Ensure privileged session monitoring and logging controls
  • Coordinate with CSOC for identity-based detection cases
  • Ensure MFA enforcement for critical systems and high-risk users
  • Validate SSO and federation configurations
  • Define authentication assurance levels based on risk
  • Align identity controls with Zero Trust principles
  • Ensure alignment IAM with: NIS2, ISO 27001, GDPR, Internal Security Policies
  • Support for internal and external audits
  • Provide IAM records and remediation plans
  • Track and remediate IAM non-conformities
  • Assess the health of IAM/IdM platforms and lifecycle risks (EOL/EOS)
  • Identify coverage gaps in applications and cloud environments
  • Propose a modernization and improvement roadmap
  • Lead the integration of new systems in the IAM area
  • Close collaboration with: IT Operations, Network Operations, HR, Application Owners, Cloud & DevOps Teams, CSOC, Business teams
  • Act as SME in the identity area during security incidents
  • Ensure the inclusion of identity risks in the enterprise risk register

Requirements

  • 5–8+ years of experience in IAM or Identity Governance
  • Experience in building or transforming IAM capabilities
  • Hands-on experience with enterprise IAM platforms (SailPoint, Saviynt, OneIdentity, Okta, Microsoft Entra ID)
  • Experience with PAM solutions (CyberArk, BeyondTrust)
  • Strong knowledge of: RBAC / ABAC
  • Segregation of Functions (SoD)
  • SAML, OAuth2, OIDC
  • LDAP / Active Directory
  • MFA and conditional access policies
  • Experience in regulated environments (telecom, financial, utilities – preferred)
  • Experience in supporting audit and compliance programs
  • Enterprise IAM architecture and design
  • JML frameworks
  • Governance models for privileged access
  • Authentication and federation architecture (SSO, MFA, conditional access)
  • IAM integration in cloud and hybrid environments
  • Risk assessment and identity controls
  • Logging, monitoring and traceability requirements for identity systems
  • Ability to assess and improve the health of IAM platforms
  • Risk-based thinking
  • Ability to translate regulatory requirements into technical controls
  • Structured documentation and records management
  • Strong communication skills
  • Proactivity and ownership orientation
  • Ability to identify control deficiencies and propose solutions
  • Strategic thinking and long-term planning
  • Project management
  • Teamwork and accurate reporting
  • Problem-solving, negotiation, deadline orientation

What we offer

  • Hybrid working regime 2 days from the office, 3 days remote
  • Special discounts for Vodafone employees, Friends & Family offers
  • Demo telephone subscription - unlimited (voice and data)
  • Voucher for the purchase of a mobile phone
  • Medical subscription to a top private clinic & other medical benefits
  • Insurance for hospitalization and surgical interventions
  • Life insurance
  • Meal tickets
  • Bookster subscription
  • Participation in development programs and challenging projects in the leadership area
  • Access to internal Wellbeing & Recognition events
  • Extra vacation days (for seniority, special events, volunteering)
  • You will benefit from specializations in your field of activity, through programs based on modern training methods and systems

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Identity & Access GRC Engineer

8 matching positions

Senior Identity & Access GRC Engineer

Senior Identity & Access Governance Engineer is responsible for the design, impl...
Location
Location
Romania , Bucuresti
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in IAM or Identity Governance
  • Experience in building or transforming IAM capabilities
  • Hands-on experience with enterprise IAM platforms (SailPoint, Saviynt, OneIdentity, Okta, Microsoft Entra ID)
  • Experience with PAM solutions (CyberArk, BeyondTrust)
  • Strong knowledge of: RBAC / ABAC
  • Segregation of Functions (SoD)
  • SAML, OAuth2, OIDC
  • LDAP / Active Directory
  • MFA and conditional access policies
  • Experience in regulated environments (telecom, financial, utilities – preferred)
Job Responsibility
Job Responsibility
  • Define IAM governance framework, standards and control structure
  • Design IAM operational model
  • Translate IAM policies and standards into applicable technical controls
  • Design and maintain enterprise-wide RBAC models aligned with business roles and risk levels
  • Define and enforce Segregation of Functions (SoD) controls
  • Establish Key Risk Indicators (KRIs) and control effectiveness metrics
  • Maintain IAM documentation and record repository
  • Create an IAM maturity roadmap
  • Ensure alignment with Zero Trust principles
  • Design and optimize Joiner Mover Leaver processes
What we offer
What we offer
  • Hybrid working regime 2 days from the office, 3 days remote
  • Special discounts for Vodafone employees, Friends & Family offers
  • Demo telephone subscription - unlimited (voice and data)
  • Voucher for the purchase of a mobile phone
  • Medical subscription to a top private clinic & other medical benefits
  • Insurance for hospitalization and surgical interventions
  • Life insurance
  • Meal tickets
  • Bookster subscription
  • Participation in development programs and challenging projects in the leadership area
  • Fulltime
Read More
Arrow Right

Lead Security Architect

We are looking for a Lead Security Architect to define and evolve the company’s ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
instadeep.com Logo
InstaDeep
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in enterprise and cloud security architecture
  • 5+ years in identity, access, and network trust design
  • 3+ years facilitating threat modeling and secure design reviews
  • Strong experience defining architecture standards and translating principles into practical patterns
  • Experience working across enterprise IT, cloud platforms, infrastructure, and product environments
  • Experience engaging with senior stakeholders across technical and non-technical functions
  • Security architecture at enterprise and cloud scale
  • Zero Trust and IAM architecture
  • Secure integration and trust-boundary design
  • Threat modeling and architecture review governance
Job Responsibility
Job Responsibility
  • Security architecture leadership
  • Define architecture principles and implementation patterns for Zero Trust, identity, authorization, trust boundaries, segmentation, secure integration, and secure access
  • Set the strategic direction for enterprise, cloud, and data security architecture
  • Define target-state architecture for Enterprise IT, Cloud, and Infrastructure, including IAM and identity trust models, reverse proxy and secure access architecture, network and data segmentation, cloud-native control patterns
  • Lead the development of architecture standards for secure integration between IT and product environments
  • Partner closely with Global IT Security Engineering on IAM, endpoint, VPN, reverse proxy, and access-tool integration
  • Define security architecture for AI/ML workflows, cloud-native data platforms, and ML pipelines
  • Establish and maintain AI/ML trust-boundary models
  • Support architecture and product teams on secure AI adoption
  • Shape standards for data governance and access design, ML pipeline trust boundaries, model and data protection patterns, secure use of AI assistants and AI-enabled workflows
  • Fulltime
Read More
Arrow Right

Senior IAM Analyst

We are seeking a Senior Technical IAM Analyst (L5) who operates with strong inde...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
deliveroo.co.uk Logo
DELIVER
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High Ownership: Drives initiatives independently with minimal oversight
  • Risk-Oriented Thinking: Understands control design principles, not just process execution
  • Structured Problem Solver: Breaks complex systems into logical components and identifies root causes
  • Audit-Ready Mindset: Designs processes with evidence, traceability, and defensibility in mind
  • Influential Communicator: Engages engineering and business stakeholders confidently and credibly
  • Continuous Improver: Seeks efficiency, automation, and simplification at scale
  • Strong hands-on experience in IAM governance and administration in a complex environment
  • Deep understanding of: Joiners / Movers / Leavers lifecycle controls
  • User Access Reviews and certification models
  • Segregation of Duties (SoD)
Job Responsibility
Job Responsibility
  • Own and continuously improve Joiners/Movers/Leavers (JML) processes, ensuring completeness, accuracy, and timeliness of provisioning and deprovisioning
  • Lead and enhance User Access Reviews (UARs), ensuring SOX compliance, audit defensibility, and measurable control effectiveness
  • Identify control weaknesses, segregation of duties (SoD) conflicts, and systemic risk patterns - and implement corrective improvements
  • Act as a control owner or delegate for key IAM SOX controls, partnering with Internal Audit and GRC
  • Drive measurable reduction in manual intervention, control exceptions, and audit findings
  • Design and implement IAM configurations across tools such as Okta, Azure AD, SailPoint, Conductor1, AWS IAM, or equivalent
  • Analyse and remediate complex access structures, including nested groups, 1-to-many mappings, and over-provisioned access
  • Interpret and influence infrastructure-as-code (Terraform, YAML, JSON) and workflow automations affecting identity governance
  • Collaborate with engineering teams to embed IAM controls into application architecture and CI/CD pipelines
  • Use data analytics to validate access models, detect anomalies, and assess risk exposure
What we offer
What we offer
  • A competitive and comprehensive compensation and benefits package
  • Compensation
  • Equity
  • Food
  • Time away
  • Wellness
  • Work Life
  • Up to 5% matched pension contributions
  • Some roles may be eligible for share awards
  • Free Deliveroo Plus: free delivery and access to special offers
  • Fulltime
Read More
Arrow Right

Chief Information Security Officer

Location
Location
Egypt , New Cairo
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s/Master’s degree in Information Security, Computer Science, Engineering, or related field from a reputable university
  • 12-15+ years of progressive experience in information security, cybersecurity, or technology risk roles, preferably in banking or financial services
  • Strong knowledge of Central Bank of Egypt cybersecurity frameworks, digital banking guidelines, and financial-sector regulations
  • Deep understanding of security technology, network security, IAM, application security, and SOC operations
  • Experience overseeing incident response, security architecture, and enterprise-wide risk management
  • Professional certifications preferred (CISSP, CISM, CRISC, CCSP or equivalent)
  • Strong knowledge of international standards like ISO 27001/27002 and global best practices for financial data protection
  • Strong leadership, communication, and stakeholder management skills with the ability to influence senior executives and steer enterprise-level decisions
Job Responsibility
Job Responsibility
  • Define and execute the bank’s enterprise information security strategy in alignment with the business and regulatory requirements
  • Establish security governance frameworks, policies, and standards across all technology and business functions
  • Oversee cybersecurity programs including threat detection, incident response, vulnerability management, and security operations
  • Lead enterprise-wide technology risk management, ensuring effective identification, assessment, and mitigation of risks
  • Ensure full compliance with Central Bank of Egypt cybersecurity mandates, digital banking requirements, and data protection regulations
  • Develop and manage the Cloud Security Architecture (e.g., AWS, Azure) strategy, ensuring secure configuration and compliance for all digital infrastructure
  • Establish Security Metrics and Key Risk Indicators (KRIs) for regular reporting to the Board and Executive Committee, demonstrating the effectiveness of the security program
  • Implement and govern API Security standards and best practices to protect data exchange within the digital ecosystem and external partners
  • Formally manage and sign off on outsourcing security agreements (third-party risk) to meet specific CBE requirements for external service providers
  • Coordinate internal and external audits, penetration tests, and security assessments
Read More
Arrow Right

Senior Technical IAM Analyst

We are seeking a Senior Technical IAM Analyst (L5) who operates with strong inde...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
deliveroo.co.uk Logo
DELIVER
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High Ownership: Drives initiatives independently with minimal oversight
  • Risk-Oriented Thinking: Understands control design principles, not just process execution
  • Structured Problem Solver: Breaks complex systems into logical components and identifies root causes
  • Audit-Ready Mindset: Designs processes with evidence, traceability, and defensibility in mind
  • Influential Communicator: Engages engineering and business stakeholders confidently and credibly
  • Continuous Improver: Seeks efficiency, automation, and simplification at scale
  • Strong hands-on experience in IAM governance and administration in a complex environment
  • Deep understanding of: Joiners / Movers / Leavers lifecycle controls
  • User Access Reviews and certification models
  • Segregation of Duties (SoD)
Job Responsibility
Job Responsibility
  • IAM Governance & Control Ownership: Own and continuously improve Joiners/Movers/Leavers (JML) processes, ensuring completeness, accuracy, and timeliness of provisioning and deprovisioning
  • Lead and enhance User Access Reviews (UARs), ensuring SOX compliance, audit defensibility, and measurable control effectiveness
  • Identify control weaknesses, segregation of duties (SoD) conflicts, and systemic risk patterns - and implement corrective improvements
  • Act as a control owner or delegate for key IAM SOX controls, partnering with Internal Audit and GRC
  • Drive measurable reduction in manual intervention, control exceptions, and audit findings
  • Advanced Technical Execution: Design and implement IAM configurations across tools such as Okta, Azure AD, SailPoint, Conductor1, AWS IAM, or equivalent
  • Analyse and remediate complex access structures, including nested groups, 1-to-many mappings, and over-provisioned access
  • Interpret and influence infrastructure-as-code (Terraform, YAML, JSON) and workflow automations affecting identity governance
  • Collaborate with engineering teams to embed IAM controls into application architecture and CI/CD pipelines
  • Use data analytics to validate access models, detect anomalies, and assess risk exposure
What we offer
What we offer
  • Benefits differ by country, but we offer many benefits in areas including healthcare, well-being, parental leave, pensions, and generous annual leave allowances, including time off to support a charitable cause of your choice
  • A competitive and comprehensive compensation and benefits package
  • Up to 5% matched pension contributions
  • Some roles may be eligible for share awards
  • Free Deliveroo Plus: free delivery and access to special offers
  • Team lunches from the best local restaurants
  • 25 days annual leave plus bank holidays, increasing with length of time spent working at Deliveroo
  • One day of paid leave per year to volunteer with a registered charity
  • Funded single cover healthcare on our core plan, with the option to add family members at own cost
  • On-site gym (HQ), discounted external gym membership
  • Fulltime
Read More
Arrow Right
New

Bar Captain

Communicate service needs to chefs and stewards throughout functions. Total char...
Location
Location
Malaysia , Petaling Jaya
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High school diploma or G.E.D. equivalent
  • At least 2 years of related work experience
  • At least 1 year of supervisory experience
Job Responsibility
Job Responsibility
  • Communicate service needs to chefs and stewards throughout functions
  • Total charges for group functions, and prepare and present checks to group contacts for payment
  • Ensure banquet rooms, restaurants, and coffee breaks are ready for service
  • Ensure proper centerpieces are displayed on every table
  • Inspect the cleanliness and presentation of all china, glass, and silver prior to use
  • Check in with guests to ensure satisfaction
  • Set tables according to type of event and service standards
  • Communicate additional meal requirements, allergies, dietary needs, and special requests to the kitchen
  • Maintain cleanliness of work areas throughout the day
  • Follow all company and safety and security policies and procedures
  • Fulltime
Read More
Arrow Right
New

PACS Engineer

How would you like to work in a place where your contributions and ideas are val...
Location
Location
United States , Augusta
Salary
Salary:
Not provided
wellstar.org Logo
Wellstar Health System
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelors Information Technology or Bachelors Computer Applications or Bachelors Biomedical Engineering
  • Advanced, hands-on experience administering, configuring, and supporting Sectra PACS / enterprise imaging
  • Hands-on experience with PACS solutions, with demonstrated Sectra proficiency
  • CIIP (Certified Imaging Informatics Professional) within 90 Days Required
  • PARCA (PACS Administrators Registry and Certification Association) within 90 Days Required
Job Responsibility
Job Responsibility
  • Design, implement, and optimize scalable PACS architectures that integrate with enterprise IT environments, including cloud-based and hybrid solutions
  • Ensure the PACS infrastructure is designed for high availability and fault tolerance to support hospital operations 24/7
  • Facilitate seamless integration with EHR, RIS, AI-driven diagnostic tools, and reporting systems using standardized protocols such as HL7 and DICOM
  • Enhance clinician workflows by designing user-centric PACS solutions that reduce inefficiencies and minimize image retrieval and load times
  • Develop strategies for load balancing, caching, and indexing to improve image retrieval speed and system responsiveness
  • Maintain in-depth knowledge of all applications and infrastructure supporting medical imaging, including networks, firewalls, and backend systems
  • Manage the lifecycle of PACS applications, ensuring efficient operation, preemptively resolving issues, and maintaining availability to support clinical operations
  • Monitor application performance, troubleshoot issues, and coordinate with technical teams to implement solutions
  • Ensure compliance with healthcare regulations and organizational policies
  • Oversee proper functioning of DICOM modalities, image routing, and data storage solutions
  • Fulltime
Read More
Arrow Right
New

Senior Iam Engineer

Randstad Digital (Formerly Finite Recruitment) - Senior IAM Engineer. Canberra b...
Location
Location
Australia , Canberra
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
July 19, 2026
Flip Icon
Requirements
Requirements
  • Australian Citizens ONLY
  • NV1 security clearance
Job Responsibility
Job Responsibility
  • Strong technical capability to support Business-as-Usual (BAU) operations for the One Identity Manager platform
  • Stabilizing and managing BAU activities at Level1 and Level2 to ensure operational stability and service continuity
  • Managing and supporting activities that overlap between BAU and Project delivery
  • Proactively monitor and troubleshoot complex issues in the One Identity Manager environment
  • Oversee the application of patches, updates, and upgrades to One Identity Manager and associated systems
  • Provide post-implementation support and develop detailed technical documentation
  • Perform daily Standard Operating Procedures (SOP’s) to maintain the quality of the operational platform
  • Configure and maintain IAM workflows, policies, and connectors to support BAU operations
  • Fulltime
Read More
Arrow Right