Identity Management Engineer at Astellas Pharma

, karnataka, India -

Full Time

Start Date

Immediate

Expiry Date

16 Feb, 26

Salary

0.0

Posted On

18 Nov, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Identity Management, Access Management, Active Directory, Azure AD, CyberArk, SSO, MFA, Authentication Protocols, Scripting, Identity Lifecycle, Access Governance, Compliance Standards, ITSM Tools, Incident Management, Role-Based Access Control, Privileged Access Management

Industry

Pharmaceutical Manufacturing

Description

Purpose and Scope: As an Identity and Access Management (IAM) Engineer, you will play a key role in protecting our organization’s digital assets by ensuring secure, compliant, and efficient management of user identities and access across systems and applications. This position has been established as part of our initiative to strengthen internal IAM operations, enhance automation in identity lifecycle management, and advance towards a ‘best in industry’ access governance framework. Responsibilities and Accountabilities: * Execute and support daily IAM/PAM operations including user provisioning, de-provisioning, and access changes across Active Directory, Entra ID (Azure AD), ERP systems, and SaaS applications. * Administer and maintain CyberArk PAS components including Vault, PVWA, CPM, and PSM, ensuring secure management of privileged accounts and credentials. * Monitor and maintain the health, performance, and scheduled jobs of IAM/PAM platforms such as CyberArk and Entra ID, ensuring high availability and operational integrity. * Manage service requests and incidents related to access control, authentication, and account lifecycle, resolving issues within defined SLAs. * Troubleshoot and resolve authentication failures, access provisioning errors, and MFA/SSO-related issues across hybrid environments. * Perform regular access reviews, entitlement clean-ups, and role-based access audits to enforce least privilege and meet compliance requirements. * Support integration and synchronization of identity data between HR systems and IAM platforms, ensuring accurate and timely updates. * Collaborate with SOC, Infrastructure, and HR teams to maintain secure and efficient identity lifecycle processes and respond to IAM-related security events. * Escalate complex technical issues to engineering and architecture teams, contributing to root cause analysis and long-term remediation. * Document recurring issues, configuration changes, and operational procedures, contributing to the internal knowledge base and support documentation. * Participate in change management activities including testing, validation, and deployment of IAM system upgrades, patches, and new feature rollouts. * Qualifications Required Qualifications: * Strong knowledge of Active Directory, Azure AD (Entra ID), and group policy administration. * 8 to 10 years of experience in Identity and Access Management or related IT Security roles. * Minimum 5 years of experience in administration of IAM solutions such as CyberArk, Entra ID etc. * Hands-on experience with one or more IAM platforms (Entra ID, CyberArk, Azure SSO) * Understanding of SSO, MFA, and authentication protocols (SAML, OAuth, OpenID Connect). * Basic scripting experience (PowerShell, Python) for task automation. * Understanding of identity lifecycle (joiner–mover–leaver) and access governance. * Preferred Qualifications: * Strong knowledge of Active Directory, Azure AD (Entra ID), CyberArk, SSO, and authentication mechanisms (SAML, OAuth, OIDC). * Understanding of IAM governance, RBAC, and compliance standards (ISO 27001, SOX, GDPR). * IAM certifications such as below is an advantage. * CyberArk Defender (mandatory) * CyberArk Sentry * CyberArk CCDE - Core PAS * Microsoft Certified: Identity and Access Administrator Associate * Supporting technology in healthcare industry experience is an advantage. * Familiarity with ITSM tools (e.g., ServiceNow) and ticket management processes.

Responsibilities

The Identity Management Engineer will execute and support daily IAM/PAM operations, including user provisioning and access changes across various systems. They will also monitor and maintain the health and performance of IAM/PAM platforms to ensure operational integrity.