Active Directory, IAM, PKI, EntraID, FIDO2, Stockholm, AD
The Senior IAM/AD Engineer will be responsible for designing, implementing, and maintaining our Active Directory, Entra ID and MS-PKI systems. You will work closely with cross-functional teams to develop and enforce IAM policies and procedures, ensuring the secure access of authorized personnel while minimizing security risks. This role requires a deep understanding of IAM principles, strong technical expertise, and the ability to adapt to evolving security challenges.

Key Responsibilities:

System Design and Implementation:
- Architect, implement, and maintain AD, PKI and EntraID solutions to meet the organization's security requirements.
- Develop and enforce access policies to ensure the principle of least privilege.
- Integrate AD, PKI and EntraID systems with existing applications and infrastructure.

Access Control and Governance:
- Support the IT-Governance-Team in extending the IT-Directive with IAM/PAM specific content.
- Enhance the existing Active Directory systems.
- Implement and manage identity governance solutions for user provisioning and de-provisioning.

Authentication and Authorization:
- Enhance and execute the federation of applications with our main IdP systems (Entra ID).
- Enhance our multi-factor authentication platform based on Entra ID with additional advanced security measures (Windows Hello for Business, FIDO2).

Directory Services:
- Re-organization and optimization of AD group policies.
- Consolidation and migration of legacy AD systems into the central environment.
- Implementation of security best practices on AD systems.
- Conduct regular audits to assess compliance and identify areas for improvement.

Incident Response:
- Collaborate with the incident response team to investigate and respond to security incidents related to IAM.
- Control of provider KPIs and provider steering.

Roadmap, Documentation and Training:
- Create and ensure the successful implementation of an AD/PKI roadmap.
- Document processes, configurations, and changes.
- Create and provide training material to end-users and IT staff on best practices.

Qualifications and Skills:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Proven experience as an IAM/AD/PKI Engineer or similar role.
- Strong understanding of IAM platforms and architectures available on the market.
- In-depth knowledge of IAM concepts, technologies, and best practices.
- Strong understanding of security protocols, cryptography, and identity federation.
- Strong hands-on experience with IAM solutions such as MS Active Directory, MS Entra ID (aka Azure AD).
- Active Directory related certifications are a plus.
- Excellent communication and collaboration skills in English.
- Analytical, results-oriented mindset with problem-solving abilities.
- Ability to work in a fast-paced, dynamic environment.
- Programming/scripting skills (PowerShell and/or C#) are a plus.