Identity Fabric Principal (Poland)

On-site

Description

We are seeking an Identity Fabric Principal to support an EU agency responsible for external border management and border security support based in Warsaw, Poland.

Responsibilities

In this role, you will design, implement, and support enterprise identity and access management solutions using Microsoft technologies and related IAM platforms. You will work closely with project, security, and infrastructure teams to deliver secure authentication, authorization, federation, and identity governance capabilities across hybrid and cloud environments.

You will contribute to the onboarding and integration of enterprise applications, support modernization initiatives involving legacy and hybrid identity systems, and help improve the organization’s authentication posture through secure access models, governance controls, and operational best practices. The role also includes supporting identity lifecycle management, provisioning processes, and automation initiatives using PowerShell and related tooling.

As part of the wider IAM function, you will help ensure solutions align with compliance, auditability, and least-privilege principles, while contributing to future-oriented identity governance initiatives, including AI/agent identity and access management.

Qualifications

  • 10+ years of professional IT experience
  • 8+ years of experience in a similar role
  • Degree in Computer Science or a related field
  • Hands-on experience with Microsoft Entra ID, including tenant configuration, authentication posture, operational governance, Enterprise Apps, App Registrations, service principals, managed identities, and application integration support
  • Strong experience with Conditional Access, MFA, Identity Protection, risk-based access, break-glass design, safe rollout practices, and phishing-resistant authentication patterns
  • Strong understanding of hybrid identity environments, including AD DS, AD FS, domains/forests, trusts, OU/GPO structures, delegation, federation, and modernization planning
  • Practical experience with federation and SSO integrations, including IdP/SP configuration, metadata management, certificate rollover, claims rules, and troubleshooting
  • Experience with Entra ID Governance and SailPoint IdentityIQ and/or IdentityNow, including access packages, entitlement management, lifecycle workflows, JML, access requests, approvals, certifications, access reviews, SoD, and role/entitlement modeling
  • Experience with provisioning and lifecycle integrations, including SCIM, authoritative sources, reconciliation, and JIT vs managed provisioning trade-offs
  • Good understanding of token/session security, API permissions, consent models, authentication flows, claims design, least-privilege access, and group/role overage patterns
  • Compliance-oriented mindset, with the ability to apply GDPR/EUDPR, privacy-by-design, auditability, minimization, retention, token/claim hygiene, and internal audit expectations to IAM solutions
  • Strong PowerShell automation skills for Entra ID / Microsoft 365 / AD DS / AD FS operations, reporting, bulk changes, troubleshooting, and reliable logging
  • Readiness to support AI/agent identities and future-oriented access governance models
  • Very good English (B2 level or higher)

Benefits

WORK CONDITIONS

  • Employment Type: This full-time, long-term role is available to EU citizens (or individuals with a valid EU work permit) and offered exclusively to independent contractors. For Greek candidates, we can provide support in establishing your freelance setup.
  • Location: This is an on-site position in Warsaw, Poland. Candidates currently based in other EU countries will be required to relocate. Relocation costs are not covered.
  • Compensation: No fixed upper limit – we are prepared to make any ask work for the candidate who’s the right fit.
  • Working Days: Aligned with the standard work schedule in Poland.

We respect your personal data. By applying, you accept our Job Applicant Privacy Notice.
Send your application to email@email.email
