Uni Systems

Identity & Access Management Expert

Uni Systems  •  Warsaw, PL (Hybrid)  •  16 days ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

At Uni Systems, we are working towards turning digital visions into reality. We are continuously growing and we are looking for an Identity & Access Management Architect to join our UniQue team.

What will you be doing in this role?

  • Define and maintain modern authentication standards and reference architectures for applications and APIs using OAuth2, OIDC, and SAML.
  • Support project teams in implementing, troubleshooting, and securing authentication flows (Auth Code + PKCE, Device Code, Client Credentials, OBO), including production incident resolution.
  • Design and standardize token, session, claims, and permission strategies, including least-privilege access, consent governance, IdP normalization, and scalable API authorization models.
  • Configure and operate federation integrations (IdP/SP), including metadata management, certificate rollovers, and SSO troubleshooting.
  • Design and implement risk-based access controls, Conditional Access policies, MFA strategies, and phishing-resistant authentication aligned to application sensitivity.
  • Deliver and improve Entra ID tenant configurations, governance controls, and operational security posture.
  • Design and support external identity onboarding patterns (Entra External ID CIAM/B2B/B2C), balancing usability, security, and operational supportability.
  • Implement and operate Entra ID Governance and SailPoint IGA capabilities, including JML, access requests, certifications, SoD, entitlement management, lifecycle workflows, and role modeling.
  • Support application onboarding and integrations involving Enterprise Apps, App Registrations, service principals, managed identities, and hybrid identity dependencies.
  • Operate and modernize hybrid identity environments involving AD DS/AD FS, including federation, delegation, group structures, and cloud transition planning.
  • Develop and maintain PowerShell automation and operational tooling for identity lifecycle management, reporting, governance checks, troubleshooting, and repeatable operational tasks.
  • Design and improve provisioning and lifecycle integrations (SCIM, authoritative sources, reconciliation, JIT vs managed provisioning) while ensuring GDPR/EUDPR compliance, auditability, and access hygiene, including AI/agent identities where applicable.

Requirements

What do you need to succeed in this position?

  • Bachelor’s degree in IT or related field with 10+ years of experience, including 8+ years in IT security.
  • Strong experience with Entra ID / Entra External ID, enterprise app/API integrations, and hybrid identity environments (AD DS/AD FS).
  • Strong understanding of OAuth 2.0, OpenID Connect, SAML, token/session lifecycles, consent models, and enterprise authentication/authorization patterns.
  • Hands-on experience implementing and troubleshooting modern authentication flows (Auth Code + PKCE, Device Code, Client Credentials, OBO), claims mapping/normalization, and SSO integrations.
  • Experience with Enterprise Apps, App Registrations, service principals, managed identities, and IdP/SP federation integrations.
  • Strong knowledge of Conditional Access, MFA, phishing-resistant authentication, risk-based access controls, and safe rollout/break-glass practices.
  • Experience with CIAM/B2B/B2C onboarding patterns and balancing UX with security requirements.
  • Experience with SailPoint governance, JML processes, access requests, certifications, SoD, role/entitlement models, and provisioning approaches (SCIM, JIT, managed provisioning).
  • Solid understanding of AD DS concepts including domains/forests, trusts, delegation, OU/GPO, and hybrid identity impacts.
  • Experience designing IAM controls aligned with GDPR/EUDPR, auditability, traceability, and least-privilege principles, including AI/agent identities.
  • Experience with PowerShell automation, operational scripting, reporting, and controlled delivery processes (CI/CD, ITSM).
  • Advanced English (C1) communication skills (written and spoken).

At Uni Systems, we are providing equal employment opportunities and banning any form of discrimination on grounds of gender, religion, race, color, nationality, disability, social class, political beliefs, age, marital status, sexual orientation or any other characteristics. Take a look at our Diversity, Equality & Inclusion Policy for more information.

Uni Systems

About Uni Systems

We see IT differently

Uni Systems, a distinguished member of the Quest Group, has served as a trusted ICT provider to enterprises and organisations across the European market for over six decades. Established in Greece in 1964 as the nation’s first IT company, we have been supporting our clients with commitment and expertise. Our growth has been underpinned by long-term client relationships, a comprehensive solutions portfolio, strategic partnerships, and the experience of our dedicated professionals.

With a workforce exceeding 1,800 specialised ICT experts in key subsidiaries, branches in Athens, Barcelona, Brussels, Bucharest, Luxembourg, Milan, and Limassol, and operations in more than 20 countries, we effectively address the complex requirements of European and international organisations.

Our primary focus is enabling our clients’ digital transformation journeys, and we are unwavering in our dedication to this objective.

Industry
Unknown
Company Size
1,001-5,000 employees
Headquarters
Athens, Greece, GR
Year Founded
1964
Website
unisystems.com
Social Media