We are seeking a skilled Senior IAM Engineer to join our team. As a Senior IAM Engineer, you will be responsible for implementing, building and managing Identity and Access Management (IAM) and Identity Governance and Administration (IGA) platforms in a hybrid setup (Azure and on-prem environments), ensuring automation, scalability, reliability, and security of identity services.
You will be involved in the full lifecycle of new solutions – requirements gathering, design, implementation, testing, and production rollout – along with day-to-day operations, incident response, and continuous optimization.
You will collaborate closely with application teams, infrastructure, security, and stakeholders to deliver high-quality identity solutions on time and to agreed service levels.
Responsibilities:
Install, configure, automate, and administer Omada Identity (IGA) and Microsoft Entra ID (Azure AD), including upgrades, patching, connector management, and identity lifecycle operations.
Design, implement, and support Privileged Access Management (PAM) solutions; define and enforce least-privilege access policies across systems and applications.
Own identity lifecycle processes: joiner, mover, leaver workflows, role-based access control (RBAC), access certifications, and segregation of duties (SoD) controls.
Implement and maintain identity security controls: authentication policies, MFA enforcement, Conditional Access, auditing, and compliance reporting.
Automate routine IAM operations using PowerShell (or other tools) and integration tooling; improve reliability through standardization and repeatable runbooks.
Configure and maintain federated identity protocols (SAML, OAuth 2.0, OIDC) and directory synchronization (SCIM) for SSO integrations with enterprise applications.
Collaborate with cross-functional teams to support application onboarding, troubleshoot access issues, and advise on identity architecture and governance patterns.
Work independently, mentor others, and contribute to improving the team's technical maturity and operational standards (on-call, incident/problem management).
Support audit and compliance activities by maintaining access review evidence, producing identity reports, and ensuring alignment with regulatory requirements (e.g., ISO 27001, SOX, GDPR).
Requirements:
Strong background in IAM/IGA platforms, particularly Entra ID and/or Omada Identity: installation, configuration, connector management, role modelling, and access certification workflows.
Hands-on experience with Microsoft Entra ID (Azure AD): user/group lifecycle, Conditional Access, App Registrations, Enterprise Applications, and directory synchronization.
Practical experience with Privileged Access Management (PAM): privileged account governance, just-in-time access, and credential vaulting.
Strong automation mindset with proficiency in scripting for identity operations and integrations.
Nice to have:
Experience with SSO configuration, MFA enforcement, and Conditional Access policy design.
Familiarity with federated identity protocols: SAML 2.0, OAuth 2.0, OIDC, and SCIM provisioning.
Experience supporting audit and compliance activities (ISO 27001, SOX, GDPR) through access reviews and identity reporting
Exposure to CI/CD pipelines (Azure DevOps, GitHub Actions) and Infrastructure as Code for identity platform automation.
What we offer:
- Opportunity to be part of a global organization.
Encouraging working atmosphere, engaging activities, and extra benefits (e.g. additional medical insurance (covers gym subscription), team events, outreach activities, and others);
- Hybrid work model with remote work opportunities ( 3/5 days weekly from the office)
Open, modern, and ergonomic work environment when working from the office with the multicultural community.
- Opportunity to grow professionally and personally (e.g. Udemy) and continuously develop within the domain.
- The salary range for this position is from 4.485 to 5.950 EURO gross before taxes.*
*Salary offer for the candidate is determined based on the predefined salary ranges for the position and depends on the level of competence and experience of the candidate.
Cognizant, as a digital company, makes employee health and safety its top priority. With that in mind, we are implementing virtual hiring and work practices which means all interviews will be conducted online as well as live from the office
We will be looking forward to Your CV.
Only suitable candidates will be contacted within 7 days from application.
Stay up to date with our website https://www.cognizant.com/lt/en
We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.
Sobre nosotros:
Cognizant (NASDAQ: CTSH) es un arquitecto de soluciones de IA y proveedor de servicios tecnológicos que traduce la inversión en inteligencia artificial en valor empresarial real mediante soluciones de IA de stack completo adaptadas a cada cliente. Su profundo conocimiento de la industria, los procesos y la ingeniería le permite integrar el contexto único de cada organización en sistemas tecnológicos que amplifican el potencial humano, generan un impacto real en el negocio y mantienen a las grandes empresas globales un paso adelante en un mundo en constante cambio. Para más información, visita www.cognizant.es o síguenos en @cognizant.
Información adicional de empleo
La información de compensación es precisa a la fecha de esta publicación. Cognizant se reserva el derecho de modificar esta información en cualquier momento, sujeto a la legislación aplicable.
Es posible que se requiera que los solicitantes asistan a entrevistas en persona o por videoconferencia. Además, es posible que se requiera que los candidatos presenten su identificación actual emitida por el estado o gobierno durante cada entrevista.
Cognizant es un empleador que ofrece igualdad de oportunidades. Tu solicitud y candidatura no serán consideradas en base a raza, color, sexo, religión, credo, orientación sexual, identidad de género, origen nacional, discapacidad, información genética, embarazo, condición de veterano o cualquier otra característica protegida por las leyes federales, estatales o locales.
Si tienes una discapacidad que requiere adaptaciones razonables para buscar una vacante de trabajo o enviar una solicitud, puedes enviar un correo electrónico a [email protected] con tu solicitud e información de contacto.
