We are seeking a skilled Senior IAM Engineer to join our team. As a Senior IAM Engineer, you will be responsible for implementing, building and managing Identity and Access Management (IAM) and Identity Governance and Administration (IGA) platforms in a hybrid setup (Azure and on-prem environments), ensuring automation, scalability, reliability, and security of identity services.
You will be involved in the full lifecycle of new solutions – requirements gathering, design, implementation, testing, and production rollout – along with day-to-day operations, incident response, and continuous optimization.
You will collaborate closely with application teams, infrastructure, security, and stakeholders to deliver high-quality identity solutions on time and to agreed service levels.
Responsibilities:
Install, configure, automate, and administer Omada Identity (IGA) and Microsoft Entra ID (Azure AD), including upgrades, patching, connector management, and identity lifecycle operations.
Design, implement, and support Privileged Access Management (PAM) solutions; define and enforce least-privilege access policies across systems and applications.
Own identity lifecycle processes: joiner, mover, leaver workflows, role-based access control (RBAC), access certifications, and segregation of duties (SoD) controls.
Implement and maintain identity security controls: authentication policies, MFA enforcement, Conditional Access, auditing, and compliance reporting.
Automate routine IAM operations using PowerShell (or other tools) and integration tooling; improve reliability through standardization and repeatable runbooks.
Configure and maintain federated identity protocols (SAML, OAuth 2.0, OIDC) and directory synchronization (SCIM) for SSO integrations with enterprise applications.
Collaborate with cross-functional teams to support application onboarding, troubleshoot access issues, and advise on identity architecture and governance patterns.
Work independently, mentor others, and contribute to improving the team's technical maturity and operational standards (on-call, incident/problem management).
Support audit and compliance activities by maintaining access review evidence, producing identity reports, and ensuring alignment with regulatory requirements (e.g., ISO 27001, SOX, GDPR).
Requirements:
Strong background in IAM/IGA platforms, particularly Entra ID and/or Omada Identity: installation, configuration, connector management, role modelling, and access certification workflows.
Hands-on experience with Microsoft Entra ID (Azure AD): user/group lifecycle, Conditional Access, App Registrations, Enterprise Applications, and directory synchronization.
Practical experience with Privileged Access Management (PAM): privileged account governance, just-in-time access, and credential vaulting.
Strong automation mindset with proficiency in scripting for identity operations and integrations.
Nice to have:
Experience with SSO configuration, MFA enforcement, and Conditional Access policy design.
Familiarity with federated identity protocols: SAML 2.0, OAuth 2.0, OIDC, and SCIM provisioning.
Experience supporting audit and compliance activities (ISO 27001, SOX, GDPR) through access reviews and identity reporting
Exposure to CI/CD pipelines (Azure DevOps, GitHub Actions) and Infrastructure as Code for identity platform automation.
What we offer:
- Opportunity to be part of a global organization.
Encouraging working atmosphere, engaging activities, and extra benefits (e.g. additional medical insurance (covers gym subscription), team events, outreach activities, and others);
- Hybrid work model with remote work opportunities ( 3/5 days weekly from the office)
Open, modern, and ergonomic work environment when working from the office with the multicultural community.
- Opportunity to grow professionally and personally (e.g. Udemy) and continuously develop within the domain.
- The salary range for this position is from 4.485 to 5.950 EURO gross before taxes.*
*Salary offer for the candidate is determined based on the predefined salary ranges for the position and depends on the level of competence and experience of the candidate.
Cognizant, as a digital company, makes employee health and safety its top priority. With that in mind, we are implementing virtual hiring and work practices which means all interviews will be conducted online as well as live from the office
We will be looking forward to Your CV.
Only suitable candidates will be contacted within 7 days from application.
Stay up to date with our website https://www.cognizant.com/lt/en
We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.
Over Cognizant
Cognizant (NASDAQ: CTSH) is een bouwer van AI-oplossingen en een leverancier van technologiediensten. Wij slaan de brug tussen AI-investeringen en ondernemingswaarde door het bouwen van full-stack AI-oplossingen voor onze klanten. Onze diepgaande kennis van sectoren, processen en engineering stelt ons in staat om de unieke context van een organisatie te verankeren in technologische systemen. Deze systemen versterken het menselijk potentieel, realiseren tastbare resultaten en geven wereldwijde ondernemingen een voorsprong in een snel veranderende wereld. Ontdek hoe op cognizant.ai of @cognizant.
Aanvullende arbeidsinformatie
De informatie over de beloning is correct op de datum van deze vacature. Cognizant behoudt zich het recht voor om deze informatie op elk moment te wijzigen, met inachtneming van de toepasselijke wetgeving.
Van sollicitanten kan worden verwacht dat zij gesprekken bijwonen, persoonlijk of via een videogesprek. Daarnaast kan van kandidaten worden gevraagd om tijdens elk gesprek een geldig, door de overheid uitgegeven identiteitsbewijs (zoals een identiteitskaart of paspoort) te tonen.
Cognizant is een werkgever die gelijke kansen biedt. Je sollicitatie en kandidatuur worden niet beoordeeld op basis van ras, huidskleur, geslacht, religie, levensovertuiging, seksuele geaardheid, genderidentiteit, nationale afkomst, handicap, genetische informatie, zwangerschap, veteranenstatus of enige andere eigenschap die wordt beschermd door federale, regionale of lokale wetgeving.
