Location of this role: Czech Republic or Poland
Position PurposeEngineer and enhance Identity Access Management (IAM) solutions to strengthen organisational security and support a zero-trust architecture.
Drive the development and integration of authentication, lifecycle governance, and customer IAM capabilities in line with strategic security objectives.
Collaborate across teams to ensure robust, compliant, and user-friendly IAM processes and technologies.
YOUR MISSION – WHAT WILL YOU DO?
Lead the build, configuration, and deployment of secure email, messaging, authentication (MFA, SSO), and identity lifecycle management solutions.
Develop and implement new IAM capabilities and enhancements as outlined in the IAM strategic roadmap.
Recommend and integrate additional IAM solutions or controls to improve frontline security defenses.
Participate in the deployment and initial configuration of new IAM technologies, ensuring alignment with standards and best practices.
Establish and enforce IAM policies and procedures to maintain compliance with relevant regulations.
Coordinate with cross-functional teams to ensure seamless integration and operation of IAM solutions.
Provide training and support to users on IAM policies, procedures, and technologies.
Act as the escalation point for complex IAM issues, maintaining operational excellence and continuous improvement in IAM processes.
WHAT WE ARE LOOKING FOR
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Information Security, or a closely related field (or equivalent combination of education and experience). Many roles accept relevant professional experience in lieu of a degree, but a 4-year degree remains the most common baseline.
Professional experience in IAM or related cybersecurity fields — typically 3–7+ years depending on the role level (e.g., 3–5 years for mid-level IAM Engineer; 5–10+ for senior/principal roles). Hands‐on experience with identity lifecycle management, access provisioning/de‐provisioning, or access reviews is highly valued.
Strong knowledge of core IAM concepts and protocols — including authentication, authorization, RBAC (Role-Based Access Control), PBAC, SSO (Single Sign-On), MFA (Multi-Factor Authentication), federation, and standards like SAML, OAuth 2.0, OIDC, LDAP, and JWT.
Hands‐on experience with leading IAM platforms/tools — such as Okta, SailPoint, Microsoft Entra ID (Azure AD), Ping Identity/ForgeRock, CyberArk (for PAM), Saviynt, or similar. Familiarity with at least one or two major vendors is often explicitly required.
Experience with directory services and identity stores — particularly Active Directory (AD), Entra ID/Azure AD, LDAP directories, or cloud identity solutions. Many roles emphasize hybrid/on‐premises + cloud directory management.
Understanding of compliance, regulatory frameworks, and security standards — knowledge of NIST, ISO 27001, GDPR, HIPAA, SOX, PCI‐DSS, COBIT, or Zero Trust principles. Ability to align IAM processes with audit and governance requirements is critical.
Cloud platform familiarity — experience integrating IAM with major cloud providers like AWS IAM, Azure AD/Entra ID, Google Cloud Identity, or multi‐cloud environments. Cloud IAM is now a near-universal expectation.
Strong communication and collaboration skills — excellent verbal and written English communication (critical for English‐speaking roles), ability to explain complex IAM concepts to both technical and non‐technical stakeholders (e.g., business leaders, auditors), and experience working cross‐functionally in teams.
Relevant certifications (preferred or required in many postings) — common ones include CISSP, CISM, Okta Certified Professional, SailPoint Certified IdentityIQ Engineer, Microsoft Certified: Identity and Access Administrator, GIAC certifications, or vendor‐neutral ones like Certified Identity and Access Manager (CIAM) from Identity Management Institute.
Fluency in English language
WHAT WE OFFER* The benefit package for employees outside of the Czech Republic differs from the options listed below
Competitive salary package with annual bonus
Company car
Multisport card
Additional life insurance
Long term, international career growth & opportunities
Options to purchase CHEP/Brambles shares
3 Days paid leave for volunteering
Employee ́s pension insurance plan (up to CZK 4100 monthly contribution)
25 the days of the annual holiday
Cafeteria system to spend on health, culture, traveling, education, and purpose
Poland
Attractive base salary with annual bonus & benefits (including 3 days of paid leave for volunteering, 2 additional annual leave days - after a full calendar year, financial bonus for a two‐week holiday)
LuxMed Medical Insurance
Company Car according to the company policy
Multisport Card
Transportation allowance of 110 PLN net per month
Employee Capital Plan
Employee Investment Plan
Ability to develop your skills and understanding of business in a worldwide logistics company
Area to build your independence and own responsibilities
Support at every stage of your career
Independence in operating with a real impact on the organization
We are celebrating our successes with meal vouchers and events
#J-18808-Ljbffr