IAM Information Security Engineer (m/f/d)

at  KuehneNagel

As one of the world’s leading logistics companies, we have opened a new IT Centre in Porto, Portugal. We aim to accelerate digital technologies for our global customers, focusing on developing new mission-critical products, e-solutions, and new digital services. Join our fascinating and international working environment and become part of the team responsible for our digital logistics processes in line with the Kuehne+Nagel strategy.

YOUR SKILLS AND EXPERIENCES

• Degree in Computer Science, Information Security, or a related field;
• Around three years in a similar position or an IAM team;
• A person with experience in IAM tools (Sailpoint IdentityIQ, Sailpoint IdentityNow, IBM Security/Tivoli Identity Manager, One Identity, CA Identity Manager, Omada Identity Suite, ForgeRock, NetIQ Identity Manager, Oracle IAM, Okta, etc);
• Demonstrable experience working within an IAM team with responsibility for mapping governance and monitoring processes IAM;
• Must be able to coach others on the importance and business value of strong IAM;
• Well-founded experience with Identity LifeCycle Management, Provisioning, and Certification process;
• Working knowledge with SoD, regulatory compliance (ISO 27001, SOX, and GDPR);
• Well-founded experience implementing multiple access control strategies and their comparative strengths (RBAC, PBAC, ABAC);
• Experience with Agile methodology Scrum or Kanban;
• Team player with collaboration skills;
• Knowledge of scripting in PowerShell, Bash, Python, and Java and usage of Web Services APIs REST and SOAP (JSON/XML/RPC/HTTP);
• Advanced English skills;
• Knowledge of configuration change management and project management processes.

YOUR ROLE

As an Information Security Engineer (m/f/d) for our Identity and Access Management (IAM) system, you will work with an international product team supporting and enhancing our mission-critical application, connecting Kuehne+Nagel to our customers and external partners worldwide, round the clock, every day of the year. You’ll work with systems engineering, application owners, and auditors, helping to create functional, scalable, and secure IAM operations in a diverse and rich technological environment to provide a global IAM for all KN environments.

YOUR RESPONSIBILITIES

• Can help with the definition of how manual and automated joiners, movers, and leavers processes are structured (working with architecture teams) and develop a roadmap for addressing access governance using a risk-based methodology across a range of systems;
• Can develop plans but also roll up sleeves to support engineering work and implementation. Pragmatic and threat-centric in thinking but outcome-oriented in execution;
• Can collate and understand business requirements and work as a team of teams with Architecture and Infrastructure to ensure those can be translated to technical solutions to address the management of KIAM;
• Support and maintain the KNIAM environment by treating tickets and incidents;
• Customize certification campaigns, forms, and rules;
• Lead in complex problem investigations and solution development for mitigation and prevention of future recurrence through process, procedure, or tool improvements;
• Implement and maintain multiple access control strategies (RBAC, PBAC, ABAC), Role Management, and SoD;
• Design/Build prototype of reviews and reporting;
• Interprets corporate policies and translates them into technical rulesets and technical policy for KNIAM tooling, working with infrastructure teams and third parties to implement the following change control protocols;
• Support audit and risk assessments by providing evidence either manually or through automation;
• Process and system documentation.