Sopra Steria, a major Tech player in Europe with 50,000 employees in nearly 30 countries, is recognised for its consulting, digital services and solutions. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to make large companies and organisations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. In 2024, the Group generated revenues of EUR5.8 billion.
The world is how we shape it.
Role Overview
The IAM/PAM Specialist will be responsible for designing, implementing, and managing enterprise Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions across hybrid and multi-cloud environments. This role will focus on securing both user and privileged accounts, enforcing least privilege policies, integrating IAM/PAM platforms, and ensuring compliance with security governance frameworks and regulatory requirements. The ideal candidate will have deep hands-on expertise with CyberArk, HashiCorp Vault, SailPoint IdentityNow, and cloud IAM services in AWS or Azure.
Key Responsibilities
Identity and Access Management (IAM)
Manage the identity lifecycle: provisioning, modifying, and de-provisioning users, roles, and groups.
Implement identity federation across Active Directory (AD), LDAP, Azure AD, and third-party SaaS platforms.
Deploy authentication solutions including MFA, SSO (SAML, OIDC), and passwordless authentication.
Apply and maintain Role-Based Access Control (RBAC) policies.
Configure and manage cloud IAM services (either one):
AWS: IAM roles, JSON policies, SCPs, Identity Center (SSO), resource-based and identity-based policies.
Azure: Azure AD, Conditional Access, PIM, and Identity Governance.
Support and manage IGA solutions such as SailPoint IdentityNow, including certifications, access reviews, and policy enforcement.
Privileged Access Management (PAM)
Design, implement, and manage PAM solutions to secure and monitor privileged accounts.
Manage and configure CyberArk components (Vault, PVWA, PSM, CPM, EPM).
Administer and automate secret management with HashiCorp Vault.
Manage Azure privileged access using Entra PIM and Conditional Access.
Oversee AWS privileged access, including IAM roles, Secrets Manager, and SCP enforcement.
Integrate PAM platforms including SailPoint, ForgeRock, CyberArk.
Perform periodic audits, access reviews, and compliance reporting.
Desired Skills
PAM Tools: CyberArk, HashiCorp Vault.
IAM Tools: SailPoint IdentityNow, Microsoft Entra, AWS IAM.
Authentication Technologies: MFA, SSO, Passwordless Auth.
Access Control Models: PoLP, RBAC.
Cloud IAM Expertise: AWS IAM, SCPs, Azure AD, Conditional Access, PIM.
Integration Skills: API-based and directory-based integrations with IAM/PAM.
Knowledge of compliance frameworks (SOX, GDPR, ISO 27001, NIST).
Good to Have Skills
Knowledge of Zero Trust Architecture.
Experience with DevSecOps and CI/CD integrations for IAM/PAM.
Familiarity with AI/ML-based identity analytics.
Experience in hybrid cloud and multi-cloud identity management.
Total Experience Expected: 08-10 years
Qualifications
Bachelor's degree in Information Technology, Cybersecurity, or a related field.
Additional Information
Preferred Certifications
CyberArk Defender / Sentry / Guardian.
SailPoint IdentityNow Certified Engineer.
Microsoft SC-300: Identity and Access Administrator.
CISSP or CRISC (security governance & risk focus).
Optional: Azure Administrator, AWS Certified Security - Specialty.
At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.
All of our positions are open to people with disabilities.