Identity & PAM Security Engineer

This is a fully remote position, open to applicants in Europe.

📋 Description

• Oversee privileged access controls, which include Privileged Identity Management (PIM), just-in-time (JIT) access, approval workflows, and assignments of privileged roles.

• Establish and uphold administrative access procedures for high-risk roles, privileged sessions, and break-glass accounts.

• Spearhead and assist with access review processes, monitor remediation activities, and ensure access rights are consistent with least-privilege principles.

• Administer the lifecycle of service and machine accounts, covering ownership, permissions, credential rotation, monitoring, and decommissioning.

• Set up, maintain, and oversee conditional access policies, multi-factor authentication (MFA), and identity risk controls.

• Develop and execute automation for identity workflows, approvals, access validation, reporting, and remediation tasks.

• Collaborate with Security, Infrastructure, and Engineering teams to enhance identity security across both cloud and enterprise environments.

• Assist with security audits, incident response efforts, and identity-related investigations.

• Play a role in the continual enhancement of identity governance, privileged access management, and security operations practices.

⛳️ Requirements

• Minimum of 4 years of experience in Identity and Access Management (IAM), Cloud Security, Infrastructure Security, or Security Engineering.

• Practical experience in administering and securing Microsoft Entra ID and Google Cloud IAM environments.

• In-depth understanding of identity security principles, including least privilege, role-based access control (RBAC), multi-factor authentication (MFA), conditional access, access governance, and privileged access management.

• Experience in managing service accounts, machine identities, secrets, API keys, and credential rotation procedures.

• Proven experience in building automation using workflow management platforms, APIs, PowerShell, Python, or related technologies.

• Strong analytical and problem-solving abilities with a focus on security.

• Exceptional documentation, communication, and stakeholder management skills.

• Capability to function effectively in a fast-paced, distributed environment.

🏝️ Benefits

• Sporty is a remote-first company dedicated to sustainability.

• A competitive salary along with individual performance-based bonuses every quarter.

• 28 days of paid annual leave.

• Core working hours of 10am-3pm in your local time zone, with flexibility outside of these hours.

• Referral bonuses and flash bonuses.

• High-quality equipment provided.

• Annual company retreats that offer opportunities for connection and collaboration with colleagues from around the globe.