Identity & Access Management (IAM) System Engineer @MMCTech

Company:MMC Corporate

Description:

Join Our Team at Marsh McLennan (MMC) in Cluj, Romania!
 

Marsh McLennan (MMC) has established its EMEA Technology Hub in Cluj, Romania, reflecting our commitment to innovation and excellence; this hub is central to our digital strategy, addressing emerging challenges and enhancing service delivery through advanced technology solutions that empower our clients and promote sustainable growth;

We are seeking a talented Identity & Access Management (IAM) System Engineer to join our dynamic team; if you are passionate about security, cloud integrations, and cutting-edge IAM solutions, we want to hear from you!

We will count on you to:

• Implement and manage PAM systems and solutions using CyberArk, Delinea or Beyond Trust, integration into legacy and cloud identity systems for both human and non-human identities

• Manage IAM systems and solutions, including Single Sign-On (SSO), Multi-Factor Authentication (MFA) and role-based access control (RBAC)

• Configure and maintain PAM and IAM management tools

• Work with the business to implement secret management, service account management, elevated account management meeting security policy

• Work with security teams to define and enforce security policies and user access controls

• Assist in the management of user and elevated lifecycle processes such as onboarding, offboarding, and role changes

• Integrate PAM systems with various internal and third-party applications and services

• Manage the backup and recovery, auditing and reporting on PAM system for security incidents and access violations

• Ensure compliance with regulatory requirements and internal security policies related to identity and access management

• Troubleshoot and resolve IAM-related issues, including access problems and authentication failures

• Stay up to date with the latest PAM and IAM technologies, trends and security vulnerabilities

• Develop and maintain documentation for PAM and IAM configurations, processes and procedures

• Collaborate with security teams to identify and mitigate identity-related risks and vulnerabilities

What you need to have:

• Extensive experience in design, development and implementation of PAM solutions based on CyberArk, Delines, Beyond Trust or Centrify

• Experience in design, development, and implementation of Microsoft Active Directory (including DNS, AD Sites, GPO, Domain DFS, Trusts, Schema, Backup and Restore, PKI)

• Experience in designing and implementing Directory Services with cloud services such as Entra ID, AWS Identity Centre, OKTA Workforce and CIAM

• Experience designing and implementing SSO integrations using federation, SAML, OpenID, two-factor authentication and risk-based authentication

• Provide advanced design and engineering functions to secure PAM, Directory Services, Identity and Access Management, Windows Server, automation, and scripting

• Support projects in development with designs for PAM and IAM

• Experience integrating new organizations into existing PAM and IAM solutions

• Extensive and demonstrated experience in end-to-end deployment of OKTA WIC and CIC (CIAM) solutions, Entra ID including B2B and B2C

• Experience configuring Okta and Entra ID to provide enterprise Single Sign-On services and enable Multi-Factor Authentication (MFA) platform features for internal and external applications

• Develop and maintain enterprise-wide Identity runtime authorization solutions (Zero Trust)

• Experience of least privilege access models and IDP granular control boundaries across cloud environments

• Document Operational procedures and hand-off to the Identity Operations team

• Stay up to date with current PAM and IAM threats and industry solutions

• Develop and implement technical solutions leveraging modern authentication services

• Perform business use case analysis to implement authentication and authorization solutions

• Extensive knowledge and experience of Privileged Access Management best practices and procedures using software solutions such as CyberArk, Delinea, Beyond Trust

• Comprehensive knowledge of Active Directory and Entra ID Backup and Recovery

• Experience with Windows Operating systems registry, local policy, events and Windows Firewall

• Experience with one or more scripting in languages including PowerShell, C++, Jave, Python, JavaScript or C#

• Strong knowledge of PKI and Certificate Services, templates, and management

What makes you stand out:

• Certifications in IAM, security, or cloud platforms;

• Experience working in a global or multi-cloud environment;

• Strong problem-solving skills and a proactive approach to security challenges;

• Excellent communication skills and ability to collaborate across teams;

Why join our team:

• We help you be your best through professional development opportunities, interesting work, and supportive leaders;

• We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have an impact for colleagues, clients, and communities;

• Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being;

• A yearly budget and the opportunity to build your flexible benefits package (up to 20% of your annual salary);

• 30+ days off (including legal days, birthday, public holiday replacements, and benefits options);

• Performance bonus scheme;

• Matching charity contributions, charity days off, and the Pay it Forward charity challenge;

• Core benefits: Pension, Life and Medical Insurance, Meal Vouchers, Travel Insurance;
  #MMCTech

Marsh McLennan (NYSE: MMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $24 billion and more than 90,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. For more information, visit marshmclennan.com, or follow on LinkedIn and X.Marsh McLennan is committed to creating a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.

Marsh McLennan is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh McLennan colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.