Principal Identity and Access Management (IAM) Engineer

Principal Cyber Security Engineer - Identity and Access Management (IAM) 

For Digital Hub Warsaw, we are looking for:

The Principal Identity and Access Management (IAM) Engineer will:

• Act as a technical leader, steering high-impact, cross-functional projects to successful outcomes.
• Analyze and break down complex problems into manageable solutions with clear objectives.
• Demonstrate advanced expertise in system performance, scalability, architecture, and engineering best practices.
• Employ state-of-the-art principles, theories, and technologies in the field of IAM.
• Innovate and champion new principles and ideas in identity management.
• Resolve unusually complex and sensitive issues with creative and effective solutions.
• Exercise independent judgment to achieve project objectives.
• Manage long-term projects with a strategic focus.
• Provide significant technical influence, enhancing productivity and effectiveness across multiple teams by sharing expert knowledge and experience.
• Balance technical acumen and business insight to make informed decisions regarding technology strategies.

Key Tasks & Responsibilities:

• Design and implement IAM solutions leveraging SailPoint IdentityNow and Microsoft Entra ID to secure systems and data.

• Collaborate with various teams to define requirements, design solutions, and integrate IAM systems with existing applications.

• Manage user identities, roles, and access permissions across multiple platforms.

• Develop and enforce IAM policies and procedures to meet security and compliance standards.

• Perform access reviews, audits, and risk assessments to maintain security integrity.

• Monitor IAM systems for security issues and respond to incidents proactively.

• Automate IAM processes to enhance efficiency using scripting and automation tools.

• Provide expert guidance on IAM issues and lead IAM initiatives.

• Keep abreast of new IAM technologies and security trends to continually refine our practices.

• Work closely with security teams during incident responses to mitigate threats.

• Ensure IAM solutions are aligned with overall IT architecture through cooperation with enterprise architecture teams.

• Maintain effective communication across teams regarding project status, timelines, and changes.

Qualifications & Competencies (education, skills, experience):

• Bachelor’s degree in Computer Science, Information Systems, or a related field.

• 10+ years of experience in IT with a focus on identity lifecycle, access management, system integration, and entitlements management.

• 8+ years of experience in two or more of the following areas:

• Identity Lifecycle
• Access Governance
• Authentication
• Cloud Identity Management
• Customer IAM
• Privileged Access Management

• 5+ years of architecture, solution delivery, and/or DevSecOps experience.

• 3+ years of experience with cloud automation tools like AWS CloudFormation or HashiCorp Terraform.

• Proficiency in IAM integration patterns and standards (e.g., SAML, OAuth, OpenID Connect).

• Strong problem-solving abilities with a knack for complex systems.

• Excellent communication skills and ability to convey technical details to a non-technical audience.

• Preferred certifications: CISSP, CISM, CIAM.

• Familiarity with IAM governance frameworks (NIST, ISO 27001, GDPR) is beneficial.

Preferred:

• Experience with one or more IAM platforms (e.g., SailPoint, Savyint, Okta, CyberArk, HashiCorp).

• Solid background in Web Access Management architecture and implementation.

• Certifications: Microsoft SC-, AZ-, SailPoint IdentityNow Engineer.

• Understanding of DevOps practices and tools for IAM operations.

• Skilled in scripting languages like Python and PowerShell for automation.

• Experience with containerization and orchestration tools (Amazon ECS, EKS, Docker, Kubernetes).

• Independent worker and collaborative team player in a dynamic setting.

• Strong leadership and mentoring skills with the ability to manage multiple projects and priorities effectively. 

What do We offer:

• A flexible, remote-hybrid work model

• Great workplace in a new modern office in Warsaw

• Career development, 360° Feedback & Mentoring programme

• Wide access to professional development tools, trainings, & conferences

• Company Bonus & Reward Structure

• VIP Medical Care Package (including Dental & Mental health)

• Holiday allowance (“Wczasy pod gruszą”)

• Life & Travel Insurance

• Pension plan

• Co-financed sport card - FitProfit

• Meals Subsidy in Office

• Additional days off

• Budget for Home Office Setup & Maintenance

• Access to Company Game Room equipped with table tennis, soccer table, Sony PlayStation 5 and Xbox Series X consoles setup with premium game passes, and massage chairs

• Tailored-made support in relocation to Warsaw when needed

• Please send your CV in English