Identity and Access Management (IAM) is a key element of the Information Security Strategy and Framework and plays a vital role in designing and running solutions that enhance our global security posture.The Identity and Access Management Analyst (IAM) with a focus on Identity Management (IDM) is responsible for account life cycle management and auditing as appropriate. The identity and Access Management Analyst participates in the development of workflows, system configuration, documentation, optimization, and support related to access while working with application teams to deploy new applications and integrate them properly following the IAM principles and standards. You will work closely with the IT teams to ensure that the Active Directory environment is secure, efficient, and scalable. You will also contribute to project activities to provide new capabilities and modernization of IAM solutions including implementation of PAM and IGA solutions. Additionally, you will be responsible for troubleshooting Active Directory-related issues and providing Level 3 support for the Active Directory infrastructure.

Key responsibilities:

• Responsible for the day-to-day administration of the IAM system
• Provide user account life cycle management, including creating, provisioning, securing, and inactivation of access.
• Participate in projects and production support operations focused on implementing Identity and Access Management (IAM), integrations and Roles Based Access Control (RBAC) strategies and integrations.
• Collaborate in the design, implementation, and support of the IAM technologies.
• Participate in projects to ensure standard processes and procedures are implemented when rolling out new provisioning and role management points.
• Assist with the development, implementation, and support of RBAC.
• Manage directory account permissions via RBAC.
• Responsible for the day-to-day administration, support, and maintenance of the IAM systems including Azure AD and Active Directory environments.
• Serve as the technical expert responsible for the implementation of application and enterprise platforms within the authentication and identity lifecycle space.
• Help design, implement, monitor, and maintain Identity and Access Management solutions.
• Perform Active Directory Services administration and management to include design, cleanup, and routine maintenance and configuration.
• Handle requests via ITSMtool (RemedyForce/ServiceNow).

• Master’s Degree in Information Technology, Information Security, Audit, Risk, or related field.
• Extensive knowledge and experience with privileged identity management, access governance, and other IAM solutions such as Active Directory, SAP GRC, Okta, OneIdentity, CyberArk, SailPoint, etc.
• Minimum of 5 years of professional experience managing Active Directory, LDAP, Group Policy, and DNS in a multi-forest environment.
• Very good understanding of Identity Lifecycle Management.
• Strong technical skills in managing identity and access with Active Directory and Azure Active Directory.
• Knowledge of authentication methods (sign-on security, multi-factor authentication (MFA), device sign-on methods).
• An understanding of modern authentication technologies like SAML, OpenID Connect, and oAuth.
• Strong analytical and troubleshooting skills.
• Experience with assessments, implementations, migrations, and modernization of IAM solutions.
• Experience with implementing access control with RBAC/ABAC.
• Experience with Privileged Access Management (PAM) solutions like Cyberark and BeyondTrust.
• Excellent written and oral English communication skills.
• Industry-recognized certification in security (e.g., CAMS, CISSP, etc.) would be an asset.

• Employment on a regular basis in the sweetest company in the world.
• Annual bonus based on your work results.
• Lunch card to be used for groceries and restaurants.
• Private medical care in Lux Med (basic package fully financed by BC).
• Fit Profit sports card co-financed by BC.
• PPE: we care about your future, and we save money for your retirement.
• Cafeteria Program as a part of Social Fund.
• Group life insurance.
• Hybrid working model: min. 8 days in the office a month.
• As part of our work-life balance culture, we can start work between 7 am and 10 am.
• Free consultation with a lawyer once a quarter.
• Chocolate! Yes, surprising but we have chocolate in the office, for Christmas, BC’s Birthday, and many other occasions during the year.
• Daily delivery of fresh fruits and veggies to the office.
• You can purchase our sweet products with a special discount.
• Relax zone in the office and plenty of options to choose from: PlayStation 5, football table, pool table, Ping-Pong, library, table games, and massage chairs.
• Sport @work? Sure! We have treadmills and indoor exercise bikes with a laptop station.
• We like to party as much as we like chocolate! We have integration budgets we can use for team events.
• Forever Chocolate and Event Team: you can join them and have a real influence on social life in BC and CSR activities.