Identity and Access Management Engineer

As a fresh member of our newly established Identity and Access Management (IAM) team, you will play a pivotal role in shaping the design and implementation of our identity function from the ground up. Reporting to the IAM Team Manager, you will primarily focus on building robust identity governance and automated lifecycles. Additionally, you will have the unique opportunity to support and develop our Privileged Access Management (PAM) service. This role is perfect for an IAM specialist who is eager to deepen their technical expertise in CyberArk and privileged security within modern environment. Key Responsibilities The technical rollout of enterprise IAM functions, focusing on Identity Governance and Administration (IGA), Joiner-Mover-Leaver workflows, and SSO integration. Develop and maintain automation for provisioning, deprovisioning, and periodic access reviews to ensure "least privilege" across the board. Assist in managing and optimizing our CyberArk environment, ensuring high availability of the Vault, CPM, and PSM components. Design and enforce RBAC and ABAC models tailored to business needs while monitoring Segregation of Duties (SoD). Act as a subject matter expert, partnering with IT, HR, and Security teams to align identity practices with organizational goals and regulatory requirements. Perform regular monitoring, troubleshooting, and patching for both IAM and PAM platforms to maintain a secure and performant landscape. Requirements Strong background with IAM/PAM tools (e.g., Okta, Azure AD, SailPoint, or CyberArk). Deep knowledge of authentication protocols (SAML, OAuth, OpenID Connect) and directory services (Active Directory, LDAP). Experience integrating identity tools with third-party applications using REST APIs. A proactive approach to risk management, MFA strategies, and passwordless authentication. Strong communication skills in both Polish and English (B2 level or higher). Ability to work independently in a "greenfield" environment, moving from manual processes to automated excellence. Desirable Qualifications PAM Interest: A strong desire to learn and develop advanced skills in CyberArk (Certified Trustee/Defender status is a huge plus). Proficiency in PowerShell or Python for automating identity tasks. What We offer: Employment based on employment contract Flexible starting hours Possibility of full remote work / hybrid model (depending on the place of residence) Attractive employee benefits package: private medical care (Luxmed), subsidy for Multisport card, additional benefits tailored to your needs within the cafeteria system, group insurance for employees on preferential terms Enjoy Mindgram – a modern platform offering professional psychological support and wellbeing tools Opportunity to receive an attractive bonus in the employee referral program Possibility to rent a company car for private use We are dedicated to creating an inclusive recruitment process that upholds the principles of equal opportunity. Our focus is on candidates' competencies and their willingness to grow, regardless of gender, age, disability, religion, sexual orientation, background, or any other factors unrelated to their qualifications. We go the extra mile to ensure the recruitment process is accessible and thoughtfully tailored to accommodate individual needs. #J-18808-Ljbffr