Emprego IAM Team Leader

IAM Team Leader

Claranet
Lisboa Publicado há 2 dias
Full Time Informática Híbrido Português Inglês Sénior (5+ anos) Licenciatura (1.º ciclo — nível 6 QNQ/EQF)

We’re fast learners, hard workers, natural collaborators… and we **Make Modern Happen****!**

Our ambition is to unlock
the potential of our digital world so that organisations everywhere can
innovate and thrive securely. We aim to achieve this goal by bringing together
the world’s most talented people and the most powerful technologies, combining
them to address our customers’ challenges and to build something stronger
together.

**If you share our vision,join us!******

Right now, we are looking for an **IAMTeam Leader** to integrate our internal team.

**Your responsibilitiesinclude:**

· Lead and manage the IAM
team: shift planning for 24×7 IAM Engineers, workload allocation, performance
reviews, coaching, and career development

· Design and govern the
end-to-end IAM architecture including AD DS domain structure, FSMO roles,
replication topology, Group Policy, DNS/DHCP integration, and forest trust
relationships

· Architect and oversee AD
FS federation services, SSO configurations, and trust relationships with
external identity providers

· Design and maintain AD
CS/PKI architecture including certificate authority hierarchy, certificate
templates, and auto-enrolment policies

· Govern Entra ID
architecture including identity lifecycle, Conditional Access policies,
MFA/Passwordless strategies, SSO integrations, external identities (B2B/B2C),
and SCIM automation

· Define Identity
Governance frameworks: PIM role lifecycle, Access Reviews cadence, entitlement
policies, and privileged identity hardening standards

· Oversee PAM architecture
and CyberArk/SailPoint integration, ensuring least-privilege enforcement and
privileged session monitoring

· Lead identity security
initiatives: identity protection signals, risk-based access policies, threat
correlation with SOC, and audit evidence preparation

· Conduct architectural
reviews, capacity planning, and lifecycle governance for all IAM infrastructure
components

· Act as the highest
escalation point for complex identity incidents that cannot be resolved by IAM
Engineers or PAM Engineers

· Define and maintain
automation frameworks using PowerShell and Python for identity lifecycle
operations, compliance validation, and drift detection

· Coordinate IAM Workflow
Orchestration via ServiceNow, ensuring Change, Request, Incident, and Lifecycle
operations are automated and auditable

· Produce architectural
documentation, design decisions, compliance summaries, and governance reports
for internal and client stakeholders

· Support recruitment,
onboarding, and training of new IAM team members.

**You must have:**

· Minimum 7 years’ hands-on
experience in identity and access management, with at least 2 years in a team
lead, architect, or supervisory capacity

· Microsoft Certified:
Identity and Access Administrator Associate (or equivalent)

· Expert-level knowledge of
Active Directory (AD DS, AD FS, AD CS), Kerberos, LDAP, and Group Policy

· Deep experience with
Microsoft Entra ID (Azure AD), Conditional Access, PIM, MFA/Passwordless, SSO,
and identity governance

· Strong knowledge of
authentication protocols: SAML, OAuth 2.0, OpenID Connect, RADIUS

· Experience with
Privileged Access Management platforms (CyberArk) and identity governance tools
(SailPoint)

· Proven ability to design
and govern PKI/certificate services architectures

· Strong scripting skills
for automation (PowerShell, Python)

· Familiarity with
ServiceNow (incident, change, request, and CMDB modules)

· Strong analytical and
systematic problem-solving capabilities

· Effective communicator
with strong written and verbal English skills (B2 or higher), comfortable
engaging with client stakeholders and producing governance reports

· Demonstrated ability to
manage shift-based teams and coordinate across multiple time zones

**We value:**

· Microsoft Certified:
Security, Compliance, and Identity Fundamentals or Microsoft Cybersecurity
Architect Expert

· Previous experience
within a managed service provider or financial services environment

· Experience with identity
lifecycle automation via SCIM and API integrations

· Knowledge of DORA, FCA,
or PRA regulatory frameworks

· Experience with zero
trust architecture design and implementation

· Familiarity with
BeyondTrust or other PAM platforms beyond CyberArk

· Understanding of AD DS
decommissioning and cloud identity migration strategies

**We offer:**

· Regular professional
development;

· Health insurance, with
family package;

· Office facilities for
meals and snacks;

· Regular teambuilding
programs;

· Friendly workplace.

**Workplace:** Lisbon – Hybrid

Claranet, Make modern
happen!

Candidatar-se