The company: Our customer is a technology-based startup with solid funding that is in the midst of expansion.
They will hire the selected candidate as an internal and permanent employee, based in Madrid, but providing services to their integral organization.
Description of the position:
We're looking for an Identity & Access Management Specialist for the company's global operations in Madrid. He/She will play a critical role in managing and securing the company's enterprise identity and access management systems. The primary goal is to ensure that user identities and access rights are effectively managed, integrated, and secured across all platforms. This role involves implementing single sign-on and provisioning solutions, overseeing identity lifecycle processes, and developing strategies to improve identity governance and security posture.
Key Responsibilities and tasks:
- Manage Microsoft Entra ID: Oversee the administration of the Microsoft Entra ID platform, including user accounts, security groups, enterprise applications, app registrations, and service principals. Ensure that identity data remains accurate and that Entra ID serves as the single source of truth for all identities within our company.
- Implement Single Sign-On (SSO): Configure and maintain Single Sign-On for both internal and external applications, providing a seamless login experience for users across different platforms. This includes managing identity provider integrations (SAML/OAuth/OIDC) and federation between Entra ID and other identity systems.
- Provisioning & De-provisioning: Handle the full identity lifecycle by automating user provisioning and de-provisioning processes. Ensure new hires, role changes, and departures are reflected promptly in Entra ID and connected systems, using provisioning technologies (e.g. SCIM or API connectors).
- Access Management & Security: Enforce strong access security practices such as Multi-Factor Authentication (MFA) and Conditional Access policies to protect accounts and data. Implement role-based access control (RBAC) and the principle of least privilege for both users and service principals, regularly reviewing permissions and adjusting as needed to minimize risk.
- Privileged Access Control: Utilize Microsoft Entra Privileged Identity Management (PIM) or similar tools to manage and audit privileged accounts and roles. Provide just-in-time (JIT) access for administrators when necessary, reducing the number of permanent high-level access rights and ensuring that all elevated access is approved and documented.
- Enterprise Application Integration: Coordinate the integration of Entra ID with other enterprise systems and SaaS applications. Manage enterprise application configurations in Entra ID (SSO setups, provisioning mappings), ensuring that Entra ID acts as the central authentication and user provisioning hub for the organization's cloud services.
- Monitoring and Compliance: Monitor identity-related logs and alerts (sign-in activity, audit logs, identity protection alerts) to quickly identify irregularities or security incidents. Conduct periodic access reviews and certification campaigns to ensure compliance with internal policies and regulatory requirements. Ensure that identity management processes meet compliance standards and align with IT governance frameworks.
- Collaboration and Support: Work closely with other IT teams (Security, Infrastructure, HR, etc.) to ensure identity management workflows (such as onboarding/offboarding and access requests) are efficient and aligned with ITIL service management practices. Provide expertise and second-line support for any identity and access related issues, troubleshooting SSO or