Engineer, Identity & Access Governance

• Identity Federation & Lifecyle Management: Assist in the management of identity federation services and identity lifecycle workflows.
• Role-Based Access Control (RBAC): Coordinate role-based access entitlement definition, controls and reviews, ensuring alignment with organizational structures, business needs and work duties.
• User Access Governance: Coordinate user access controls, including provisioning, de-provisioning, and maintaining user entitlements across various systems and applications. Assist technology teams with the onboarding into single sign-on (SSO) to streamline user authentication and access.
• Privileged User Access Governance: Conduct regular privileged access reviews, ensuring that privileged user access is appropriate based on roles, responsibilities, and compliance requirements.
• Non-human Account Governance: Review categorization and ownership of non-human accounts, ensuring accuracy and mapping with CMDB. Monitor and coordinate secret rotations with IT teams.
• Monitoring Control & Compliance: Ensure continuous operational enforcement of identity and access management (IAM) policies, procedures, and compliance with regulatory requirements. Conduct periodic control design and operating assessments to identity improvement areas.
• Phishing-resistant MFA: Ensure timely user onboarding into Passwordless sign-in, Device Conditional Access and Windows Hello for Business with phishing-resistant MFA methods. Actively monitor onboarding and report progress update with high accuracy and relevant breakdowns such as region, entity, methods.
• Project Management: Review project questionnaire and documentation, ensuring alignment with identity & access policies and standards. Track implementations until completion.
• Guidance & Awareness: Develop guidelines to onboard end-users into standard practices and tools such as Passwordless and Windows Hello.
• Documentation & Reporting: Create effective documentation on identity & access governance policies, procedures, standards, controls, and configurations. Produce periodic reports with key metrics on governance activities, monitoring controls, usage patterns and compliance status. Provide insights for ongoing improvements in security posture.
• Service Delivery: Process service requests as per defined service levels (on-time, on-quality) in partnership with key stakeholders.
• Collaboration & Communication: Work closely with IT, Information Security, HR, and business units to ensure seamless identity & access lifecycle management.
• Continuous Improvement: Stay up-to-date with emerging trends, tools, and good practices in identity & access management. Propose improvements on processes, controls, technologies and tools.
• Other duties as assigned to meet business needs, contribute to broader projects and support colleagues.

• Education: Bachelor's degree or equivalent work experience.
• Experience: 5+ years' working experience ideally in information security or information technology.
• Communication: Presentation and communication skills.
• Analytical Skills: Ability to analyze security challenges and propose actionable solutions.
• Problem Solving: Ability to address and resolve issues in identity and access governance.
• Teamwork: Strong ability to work both collaboratively and independently achieving some of the goals set with little guidance.
• Project Management: Ability to collaborate in multiple projects, priorities, and deadlines in a fast-paced environment.

Complementary skills

• Strong English-speaking skills with experience working at a global company.
• Understanding of the Microsoft 365 suite of tools relating to managing user identities, entitlement and accesses.
• Solid understanding of IAM concepts, RBAC, SSO, MFA, least privilege, segregation of duty and need to know principles, and security frameworks.
• Certifications: Certified Identity Management Professional (CIMP), or other related credentials are a plus.