IAM Analyst L1/L2 - Tieto tech Consulting (m/f/d)

Job Title: IAM Engineer L2

Experience: 3-6 Years

Location: [Remote/Hybrid]

Role Summary

The IAM L2 Analyst is responsible for managing and supporting identity and access management services across the enterprise. The role focuses on user lifecycle management, access provisioning, authentication services, IAM automation, and compliance activities while ensuring secure and efficient access to business applications and systems. The analyst will work closely with business stakeholders, application owners, infrastructure teams, and security teams to maintain a secure identity environment aligned with organizational policies and Zero Trust principles.

Key Responsibilities

Identity Lifecycle Management

• Manage the complete user lifecycle (Joiner, Mover, Leaver) process, including new hire onboarding, role changes, and employee offboarding.
• Perform user provisioning and deprovisioning across enterprise applications, cloud platforms, and infrastructure systems.
• Grant, modify, and revoke user access and application roles based on approved business requirements.
• Ensure timely and accurate execution of access requests while meeting established SLAs.
• Support privileged access management processes and least-privilege access principles.

Active Directory & Microsoft 365 Administration

• Administer and support Microsoft Active Directory (AD), Azure AD / Microsoft Entra ID, and Microsoft 365 environments.
• Manage user accounts, security groups, distribution groups, shared mailboxes, licenses, and permissions.
• Perform directory synchronization and identity management activities.
• Support Microsoft 365 user administration, licensing, and access governance requirements.
• Monitor identity infrastructure health and perform routine maintenance activities.

Authentication & Access Management

• Configure, administer, and support Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Conditional Access policies.
• Troubleshoot authentication, authorization, and identity-related issues across enterprise applications.
• Support federation protocols including SAML, OAuth, OpenID Connect (OIDC), and LDAP.
• Assist in implementing and maintaining role-based access control (RBAC) models.
• Support Okta or other IAM platforms for access management, authentication, and policy enforcement.

IAM Automation & Process Improvement

• Develop, maintain, and enhance PowerShell scripts and Logic Apps for IAM automation initiatives.
• Automate user onboarding and offboarding processes.
• Perform bulk user account creation, modification, and access changes through automation.
• Develop reporting and audit automation solutions.
• Automate IAM operational processes using PowerShell integrated with Active Directory, Azure AD, and Microsoft 365.
• Identify opportunities to improve operational efficiency through scripting and workflow automation.

Governance, Risk & Compliance

• Conduct periodic access reviews and user access certification activities.
• Support internal and external audit requirements by providing IAM evidence and reports.
• Generate compliance and access governance reports.
• Identify access control gaps and support remediation activities.
• Ensure compliance with organizational security policies, regulatory requirements, and industry standards.

Application Onboarding & Stakeholder Collaboration

• Collaborate with application owners and business teams to onboard applications into IAM solutions.
• Support integration of applications with SSO and identity federation services.
• Participate in IAM projects, migrations, and transformation initiatives.
• Work with security, infrastructure, and cloud teams to implement IAM best practices.

Documentation & Service Management

• Maintain IAM operational documentation, knowledge articles, SOPs, and process guides.
• Follow ITIL processes including Incident Management, Change Management, Problem Management, and Service Request Fulfillment.
• Participate in root cause analysis and continuous improvement initiatives.
• Ensure proper documentation of changes, incidents, and operational procedures.

Security & Best Practices

• Ensure adherence to security best practices and Zero Trust principles.
• Support implementation of least-privilege access and segregation of duties (SoD) controls.
• Monitor and report security-related IAM risks and policy violations.
• Contribute to continuous improvement of IAM security controls and processe

Required Technical Skills

Identity & Access Management

• Strong understanding of IAM concepts, access governance, and identity lifecycle management.
• Experience with user provisioning, deprovisioning, and access request management.
• Knowledge of RBAC, ABAC, PAM, SSO, MFA, and Identity Governance concepts.

Microsoft Technologies

• Microsoft Active Directory (AD)
• Microsoft Entra ID (Azure AD)
• Microsoft 365 Administration
• Conditional Access
• Azure AD Connect
• Microsoft Graph API (preferred)

IAM Platforms

• Okta
• SailPoint (preferred)
• CyberArk (preferred)
• Ping Identity (preferred)

Automation & Scripting

• PowerShell scripting (mandatory)
• Azure Logic Apps
• Microsoft Graph API
• Basic knowledge of Power Automate and REST APIs (preferred)

Authentication Protocols

• SAML 2.0
• OAuth 2.0
• OpenID Connect (OIDC)
• LDAP
• Kerberos

ITSM & Service Management

• ServiceNow or equivalent ITSM platform
• ITIL framework knowledge

Preferred Qualifications

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field.
• 3–6 years of experience in IAM operations, identity governance, or access management.

Preferred Certifications

• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• Okta Certified Professional
• SailPoint Identity Security Certification
• ITIL Foundation
• Certified Ethical Hacker (CEH)
• CompTIA Security+

At Tieto, we believe in the power of diversity, equity, and inclusion. We encourage applicants of all backgrounds, genders (m/f/d), and walks of life to join our team, as we believe that this fosters an inspiring workplace and fuels innovation. Our commitment to openness, trust, and diversity is at the heart of our mission to create digital futures that benefit businesses, societies, and humanity.

Diversity, equity and inclusion | Sustainability | Tieto