Identity and Access Management Engineer

The IAM Engineer will be a foundational member of a newly established Identity and Access Management (IAM) team. Reporting to the IAM Team Lead, you will be the first team member, playing a pivotal role in shaping the design, implementation, and ongoing development of the organization's IAM function.

This is a unique opportunity to build and influence the IAM landscape from the ground up, leveraging cutting-edge tools and best practices to meet the needs of a dynamic and competitive market. You'll collaborate closely with cross-functional teams to establish robust identity governance, access controls, and privileged access mechanisms that align with the organization's strategic goals.

Key Responsibilities:

• Lead on the technical implementation of an enterprise-level IAM function, including tools for identity governance and administration (IGA), privileged access management (PAM), and single sign-on (SSO).
• Manage workflows for joiners, movers, and leavers, integrating these processes across organizational systems.
• Develop and maintain automation for provisioning, deprovisioning, and access reviews.
• Act as a subject matter expert (SME) for IAM, providing guidance and training to other teams.
• Partner with IT, HR, and business units to ensure alignment of IAM solutions with organizational goals.
• Work with teams handling logical access to centralize and streamline identity practices.
• Assist in designing and enforcing Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) models tailored to business needs.
• Monitor and enhance policies for access control and segregation of duties (SoD).

Requirements:

• Hands-on experience with IAM tools and platforms (e.g., SailPoint, CyberArk, Okta, Azure AD).
• Strong knowledge of authentication protocols (e.g., SAML, OAuth, OpenID Connect) and directory services (e.g., LDAP, Active Directory).
• Experience with multi-factor authentication (MFA) and passwordless authentication strategies.
• Experience integrating IAM tools with other systems or client applications using APIs, including REST API.
• Strong communication skills in both English and Polish (B2 or higher).
• A proactive, hands-on approach to risk management and IAM operations.

Desirable:

• University degree in IT, cybersecurity, or related fields.
• Professional certifications such as CISSP, CISM
• Experience with cloud-based IAM solutions and their integration into corporate environments.
• Familiarity with SSO, MFA, and IAM automation tools.
• Knowledge of scripting languages (e.g., PowerShell) for IAM automation.

We offer:

• Employment based on an employment contract
• Flexible working hours
• Fully remote work
• Attractive benefits package for employees: private medical care: Luxmed, participation in Multisport card cost, additional benefits adapted to your needs within the cafeteria system, employee insurance on favourable terms
• Opportunity to develop in local structures of the KRUK Group
• There is a possibility of employment under a B2B contract
• Possibility to use a company car for private purposes.

We are dedicated to creating an inclusive recruitment process that upholds the principles of equal opportunity. Our focus is on candidates' competencies and their willingness to grow, regardless of gender, age, disability, religion, sexual orientation, background, or any other factors unrelated to their qualifications. We go the extra mile to ensure the recruitment process is accessible and thoughtfully tailored to accommodate individual needs.