IAM System Engineer / Identity and Access Engineer
- Employment type
- Full-time
- Location
- Baden
- Salary
- CHF 115’000–125’000
- First posted
Today
5400 Baden
IT Systems Engineering
• Permanent position
Office
Salary band
115'000 - 125'000 CHF
Potential (2-3 years)
bis 5'000 CHF
01
Future Employer ##
An internationally active company in the pharma/biotech industry is looking for an experienced specialist in the field of Identity & Access Management (IAM) to strengthen the IT security team.
The role focuses on the further development and operation of a central IAM platform with an emphasis on identity governance, access control, and zero-trust architectures. The focus is not on operational authorization management, but on the technical conception, automation, and continuous improvement of identity and access processes.
02
Your Task ##
• Further development and operation of an IAM platform as well as integration of new applications.
• Conception and optimization of identity governance processes, role models, and system connections.
• Implementation of modern authentication and SSO solutions (e.g., MFA, SAML, OIDC).
• Introduction and optimization of Privileged Access Management as well as time-limited administration rights.
• Implementation of zero-trust and least-privilege principles.
• Securing service accounts and non-human identities.
• Automation of authorization processes and security controls.
• Collaboration with internal and external stakeholders to improve access security.
• Support for audits and compliance requirements (e.g., ISO 27001).
• Participation in the further development of the identity security architecture.
03
Benefits ##
• Participation in external further training
• Bistro or canteen
• Independent organization of daily business
• At least 5 weeks vacation
• Modern workplace
• Regular team-building measures and company events
• Structured and accompanied onboarding
04
Your Profile ##
• Completed studies in the field of information security, computer science, engineering, or comparable qualification.
• Practical experience with IAM/IGA platforms, ideally One Identity Manager or comparable solutions.
• Experience in the development of workflows, role models, and system integrations in the identity governance environment.
• Knowledge of Microsoft Entra ID and Conditional Access is an advantage.
• Experience with Privileged Access Management (PAM) and Privileged Identity Management (PIM).
• Sound understanding of identity security risks such as privilege escalation, outdated authentication methods, and insufficiently protected service accounts.
• Knowledge of relevant security standards and frameworks (e.g., ISO 27001, NIST, CIS).
• Experience with hybrid identity environments (Active Directory / Cloud Identity).
• Ability to analyze and continuously develop complex IAM landscapes.
• Strong communication and collaboration skills with IT, specialist, and security teams.
• Relevant certifications are a plus (e.g., CISSP, Azure Security, Security+).
• Understanding of identity governance processes and data models.
• Administration of Microsoft Entra ID and Conditional Access Policies.
• Knowledge of PAM/PIM concepts.
• Experience with SSO and federation technologies (SAML, OIDC, OAuth2).
• Knowledge of Active Directory and hybrid identity architectures.
• Automation with PowerShell and APIs.
• Understanding of cloud identities (Azure, AWS, SaaS)
05
Interesting Facts ##
• Dynamic and growing work environment with diverse internal development opportunities.
• Flexible working hours with home office possibilities as well as the option for additional vacation days through reduction of the working percentage.
• Individual development through internal and external training offers.
• Attractive pension benefits with above-average employer contribution to pension fund contributions.
• Access to an employee benefit platform with discounts at external partners.
• Fresh, healthy, and varied catering in the employee restaurant.
• Diverse free sports offers at the location.
Automatically translated from the original.
Posted today