IAM Access Operations & Automation Engineer

Tasks

The position as IAM Access Operations & Automation Engineer involves modernizing and automating identity and access management in cloud environments. The tasks are:

• Applying infrastructure-as-code principles to structure access provisioning, governance, and lifecycle management while ensuring strong compliance and audit readiness
• Working with scripts, automation, and DevOps tooling to improve IAM operations, reduce manual efforts, and minimize access to human and non-human identities

Core Responsibilities

The main tasks are:

• Development, construction, and maintenance of IAM automation with PowerShell and/or Python, integration with Microsoft Graph and cloud identity APIs
• Applying Infrastructure-as-Code (IaC) principles with Terraform to manage identity artifacts such as users, groups, service principals, secrets, access packages, and conditional access policies
• Automation of Joiner-Mover-Leaver (JML) lifecycle processes for workforce and service identities
• Collaborate with business units and application owners to define access models, permissions, approval flows, and certifications.
• Identifying and remediating access risks, including orphaned accounts, access drift, overprivileged identities, and unauthorized privileged access
• Support access checks, audits, and regulatory inquiries by providing clear evidence and traceability
• Maintenance of operational documentation, runbooks, and audit trails to ensure repeatability and resilience
• Collaborate with security, platform, and compliance teams to continuously improve the IAM position

Requirements

The requirements are:
• Strong scripting experience with PowerShell and/or Python, including the use of REST APIs (Microsoft Graph preferred)
• Practical experience with infrastructure-as-code tools such as Terraform or Bicep
• Experience integrating IAM automation into CICD pipelines (GitHub Actions, GitLab, Azure DevOps, or Azure Automation)
• Solid understanding of Microsoft Entra ID or other cloud identity platforms (e.g., Okta, Auth0, AWS IAM)
• Experience with Azure and/or AWS cloud environments
• Strong written and oral communication skills in English

Desirable

The additional requirements are:
• Knowledge of identity protocols, including SAML, OAuth2, OpenID Connect, and SCIM
• Understanding of IAM governance concepts: JML, RBAC/ABAC, SoD, access certification
• Familiarity with regulatory frameworks such as ASNMA, GDPR, or DORA
• Exposure to access checks, audit support, and evidence control

We offer

We offer the opportunity to be part of a dynamic, global team that is building a trusted connection between traditional and digital assets. When you work with us, you will experience our fast-paced, exciting work environment, which Mer