Identity & Access Management Expert
Uni Systems
Posted: May 12, 2026
Interested in this position?
Create a free account to apply with AI-powered matching
Quick Summary
We are looking for an Identity & Access Management Architect to join our team and design and standardize token, sess flows.
Required Skills
Job Description
At Uni Systems, we are working towards turning digital visions into reality. We are continuously growing and we are looking for an Identity & Access Management Architect to join our UniQue team.
What will you be doing in this role?
• Define and maintain modern authentication standards and reference architectures for applications and APIs using OAuth2, OIDC, and SAML.
• Support project teams in implementing, troubleshooting, and securing authentication flows (Auth Code + PKCE, Device Code, Client Credentials, OBO), including production incident resolution.
• Design and standardize token, session, claims, and permission strategies, including least-privilege access, consent governance, IdP normalization, and scalable API authorization models.
• Configure and operate federation integrations (IdP/SP), including metadata management, certificate rollovers, and SSO troubleshooting.
• Design and implement risk-based access controls, Conditional Access policies, MFA strategies, and phishing-resistant authentication aligned to application sensitivity.
• Deliver and improve Entra ID tenant configurations, governance controls, and operational security posture.
• Design and support external identity onboarding patterns (Entra External ID CIAM/B2B/B2C), balancing usability, security, and operational supportability.
• Implement and operate Entra ID Governance and SailPoint IGA capabilities, including JML, access requests, certifications, SoD, entitlement management, lifecycle workflows, and role modeling.
• Support application onboarding and integrations involving Enterprise Apps, App Registrations, service principals, managed identities, and hybrid identity dependencies.
• Operate and modernize hybrid identity environments involving AD DS/AD FS, including federation, delegation, group structures, and cloud transition planning.
• Develop and maintain PowerShell automation and operational tooling for identity lifecycle management, reporting, governance checks, troubleshooting, and repeatable operational tasks.
• Design and improve provisioning and lifecycle integrations (SCIM, authoritative sources, reconciliation, JIT vs managed provisioning) while ensuring GDPR/EUDPR compliance, auditability, and access hygiene, including AI/agent identities where applicable.
Requirements:
What do you need to succeed in this position?
• Bachelor’s degree in IT or related field with 10+ years of experience, including 8+ years in IT security.
• Strong experience with Entra ID / Entra External ID, enterprise app/API integrations, and hybrid identity environments (AD DS/AD FS).
• Strong understanding of OAuth 2.0, OpenID Connect, SAML, token/session lifecycles, consent models, and enterprise authentication/authorization patterns.
• Hands-on experience implementing and troubleshooting modern authentication flows (Auth Code + PKCE, Device Code, Client Credentials, OBO), claims mapping/normalization, and SSO integrations.
• Experience with Enterprise Apps, App Registrations, service principals, managed identities, and IdP/SP federation integrations.
• Strong knowledge of Conditional Access, MFA, phishing-resistant authentication, risk-based access controls, and safe rollout/break-glass practices.
• Experience with CIAM/B2B/B2C onboarding patterns and balancing UX with security requirements.
• Experience with SailPoint governance, JML processes, access requests, certifications, SoD, role/entitlement models, and provisioning approaches (SCIM, JIT, managed provisioning).
• Solid understanding of AD DS concepts including domains/forests, trusts, delegation, OU/GPO, and hybrid identity impacts.
• Experience designing IAM controls aligned with GDPR/EUDPR, auditability, traceability, and least-privilege principles, including AI/agent identities.
• Experience with PowerShell automation, operational scripting, reporting, and controlled delivery processes (CI/CD, ITSM).
• Advanced English (C1) communication skills (written and spoken).
At Uni Systems, we are providing equal employment opportunities and banning any form of discrimination on grounds of gender, religion, race, color, nationality, disability, social class, political beliefs, age, marital status, sexual orientation or any other characteristics. Take a look at our Diversity, Equality & Inclusion Policy for more information.