Senior Identity And Access Management Engineer - Cloud Environment job opportunity at Roche.



Date: More Than 30 Days Ago
Roche Senior Identity And Access Management Engineer - Cloud Environment
Experience: 7-years
Pattern: full-time
Degree: OND
Location: Madrid, Spain

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

The Identity Management Support Team manages and operates the solutions and components used to provide customers with Directory and Identity Management Services using SailPoint. We are part of a global Roche Digital Technology group (RDT). In this role, you are mainly responsible for the multi-cloud Identity Management environment, focusing specifically on Azure and Google Cloud Platform (GCP), while maintaining consistency with AWS. This includes the design of new solutions, consultancy, maintenance, performance, tactical lifecycle management and continuous improvement of the underlying technologies.

Your main responsibilities are:

- Strong background in IAM concepts at design level and evolution in Cloud environments, Azure and/or GCP.
- Contributes to the design of new solutions based on SailPoint and PingFederate, AD, Privilege Access Management.
- Design and implement Centralized Role-Based Access Control (RBAC) based on Cloud Adoption Framework (CAF) principles.
- Access Governance and Controls: Enforce strong security controls across cloud environments, including Multi-Factor Authentication (MFA) and Identity Protection. Implement Least Privilege policies, often involving custom roles and organizational-level controls. Implement IAM Deny Policies to strictly block high-risk actions, ensuring separation of duties.
- Automation and Infrastructure-as-Code (IaC): Drive the core value of "Automate as much as possible". Design and implement IAM infrastructure using IaC, leveraging Terraform. For Azure, this mandates IaC using Terraform and Azure Verified Modules (AVM) with CI/CD pipelines in GitLab.
- Privileged Access Management (PAM): Design and support Just-in-Time (JIT) Access mechanisms, ensuring no standing privileges for administrators, using tools like CyberArk for Just-in-Time access.
- Consultancy and Collaboration: Act as a mentor and reference, working closely with stakeholders to provide the right level of consultancy. Ensure regular interactions with the Managed Service Provider.
- Operational Excellence: Act as an expert in the release management activities, providing 2nd and 3rd level support for the Identity Management Infrastructure. Proactively monitor systems for performance, availability, and capacity management.
- Actively focus on self-development in creating actionable plans to improve.

Who you are

You’re someone who wants to drive your own development and is highly curious. You’re looking for a company where you have the opportunity to pursue your interests across functions and geographies, where a job title is not considered the final definition of who you are, but the starting point.

For this position, you bring the following experience, skills & qualifications:

- 5-7 years of experience working in a major global organization, preferably in a regulated industry and in providing solutions aligned with standards, security, validation, capacity and high availability.
- Bachelor’s Degree in computer science, engineering or related discipline; or recognition of prior working experience which is equivalent.
- Strong hands-on technical skills with an IT operations background.
- Expert knowledge on infrastructure technologies, business processes and applications with a focus on SailPoint IQ Identity Governance and Access Identity Management technologies and PingFederate.
- Cloud Platform skills: Expertise in GCP Identity and Access Management (IAM), including Identity Synchronization, Service Account binding/federation, and organizational policy enforcement. Expertise in Azure IAM/RBAC, including implementing centralized RBAC designs, Azure Policy, and alignment with the Azure Cloud Adoption Framework (CAF). Experience applying cloud governance principles (e.g., Azure Policy, IAM Deny Policies) to ensure consistent governance and security across multi-cloud workloads.
- Automation and DevOps: experience with Infrastructure-as-Code (IaC) tools, particularly Terraform, for platform building and management. Experience implementing governance as code and integrating automated workflows via CI/CD pipelines (e.g., GitLab).
- Strong understanding of Computer Systems Validation and working experience in a validated environment.
- Good understanding of IT Security systems and landscape with in-depth knowledge of Directories, Identity Management and Privileged Access Management technologies.
- Industry accredited certification is desirable.
- Willingness to continually acquire and maintain the technical skills appropriate to the requirements of this position.
- Proactive, collaborative and supportive approach when interacting with colleagues.
- Committed to operational excellence, with willingness to cross-train and to learn additional technical expertise.
- Strong customer focus and a highly responsive service delivery and support ethic.
- Adaptable to change in a large organization.
- Excellent communication, negotiation and documentation skills.
- Proven interpersonal skills to interact effectively with individuals in multiple countries and in varying cultures.
- Strong verbal and written English.

Who we are

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.
