Identity & Access Management Expert

At Uni Systems, we are working towards turning digital visions into reality. We are continuously growing and we are looking for an Identity & Access Management Architect to join our UniQue team.

What will you be doing in this role?

• Define and maintain modern authentication standards and reference architectures for applications and APIs using OAuth2, OIDC, and SAML.
• Support project teams in implementing, troubleshooting, and securing authentication flows (Auth Code + PKCE, Device Code, Client Credentials, OBO), including production incident resolution.
• Design and standardize token, session, claims, and permission strategies, including least-privilege access, consent governance, IdP normalization, and scalable API authorization models.
• Configure and operate federation integrations (IdP/SP), including metadata management, certificate rollovers, and SSO troubleshooting.
• Design and implement risk-based access controls, Conditional Access policies, MFA strategies, and phishing-resistant authentication aligned to application sensitivity.
• Deliver and improve Entra ID tenant configurations, governance controls, and operational security posture.
• Design and support external identity onboarding patterns (Entra External ID CIAM/B2B/B2C), balancing usability, security, and operational supportability.
• Implement and operate Entra ID Governance and SailPoint IGA capabilities, including JML, access requests, certifications, SoD, entitlement management, lifecycle workflows, and role modeling.
• Support application onboarding and integrations involving Enterprise Apps, App Registrations, service principals, managed identities, and hybrid identity dependencies.
• Operate and modernize hybrid identity environments involving AD DS/AD FS, including federation, delegation, group structures, and cloud transition planning.
• Develop and maintain PowerShell automation and operational tooling for identity lifecycle management, reporting, governance checks, troubleshooting, and repeatable operational tasks.
• Design and improve provisioning and lifecycle integrations (SCIM, authoritative sources, reconciliation, JIT vs managed provisioning) while ensuring GDPR/EUDPR compliance, auditability, and access hygiene, including AI/agent identities where applicable.