IAM Specialist

About the role
We are seeking a highly skilled and security-focused IAM Specialist with a specialized background in Data Loss Prevention (DLP) to join our Information Security team. This unique role sits at the critical intersection of user access and data security. You will be responsible for designing, implementing, and maintaining our Identity and Access Management (IAM) infrastructure while leveraging your deep DLP expertise to ensure our data protection strategies are intrinsically linked to user identity and access rights. Your work will be pivotal in preventing unauthorized data access, exfiltration, and misuse, thereby protecting our most sensitive digital assets.
 

Visa sponsorship is not available for this position.
 

What you will do

1) IGA (Identity Governance & Administration) Implementation & Management:

• Lead the end-to-end implementation of an IGA platform (e.g., SailPoint, Saviynt, ForgeRock) in collaboration with the chosen vendor. This includes requirements gathering, design, configuration, testing, and deployment.

• Work closely with the vendor to ensure the solution is tailored to meet specific business processes and integration needs, particularly with HR systems (e.g., Workday, SAP) for Joiner-Mover-Leaver (JML) automation.

• Develop and manage access certification campaigns, Role-Based Access Control (RBAC) models, and access request workflows.

• Act as the primary technical owner and administrator for the IGA platform post-implementation.

2) PAM (Privileged Access Management) Implementation & Management:

• Implement, configure, and maintain the PAM solution (e.g., CyberArk, BeyondTrust, Thycotic) to secure, manage, and monitor privileged accounts.

• Manage the vaulting, rotation, and session isolation of privileged credentials for systems, network devices, databases, and applications.

• Establish and enforce policies for privileged session monitoring, recording, and auditing.

3) Governance, Risk & Compliance:

• Work closely with Legal and Compliance teams to align IAM practices with regulations (GDPR, SOX, PCI-DSS).

• Act as a primary point of contact for audits, generating detailed access reports, providing evidence of controls, and explaining technical processes to auditors.
   

4) Vendor & Stakeholder Management:

• Manage the relationship and deliverables of IAM vendors, ensuring they meet project milestones, performance SLAs, and contractual obligations.

• Act as a third-line escalation point for resolving complex access and authentication issues.

• Collaborate with IT, HR, and business units to translate policies into technical controls.

5) Data Loss Prevention (DLP)

• Policy Creation & Management: Define what data is sensitive and establish the rules for how it can be handled, stored, and shared.

• Monitoring & Incident Response: Continuously watch for policy violations and act quickly to contain and investigate potential data leaks.

• Endpoint Security: Control data transfer on user devices (laptops, desktops) by monitoring and restricting actions like copying to USB drives, printing, or unauthorized application use.

• Data Discovery & Classification: Proactively find and categorize sensitive information (PII, intellectual property) across the organization's network, servers, and cloud storage.

• Education & Enforcement: Train employees on proper data handling procedures and enforce DLP policies consistently to foster a culture of security awareness.
   

What you will need:

• Bachelor's degree in computer science, Information Technology, Cybersecurity, or related field.

• 5 - 7+ years of direct, hands-on IAM engineering experience.

• 3+ years of proven, hands-on experience implementing and administering an IGA platform (e.g., SailPoint, Saviynt), including working directly with vendors on a full implementation lifecycle.

• 3+ years of proven, hands-on experience implementing and administering a PAM solution (e.g., CyberArk, Beyond Trust).

• IGA Implementation Experience (MUST HAVE)
  Hands-on experience configuring and customizing an IGA platform for HR-driven provisioning (e.g., integrating with Workday, SAP), access certifications, and RBAC.
  Experience in post-implementation support and administration of the IGA system.
  Successful, on-time, and on-budget deployment of the IGA solution meeting all defined business and technical requirements.

• PAM Implementation & Management Experience (MUST HAVE)
  Hands-on experience deploying and configuring a major PAM solution (e.g., CyberArk, BeyondTrust).
  Experience with onboarding privileged accounts, credential vaulting, automatic password rotation, and privileged session management/monitoring.
  Ensuring secure management, rotation, and monitoring of all privileged credentials to prevent credential-based attacks.

• Audit & Compliance
  Demonstrable experience supporting audits, managing access review campaigns, and handling remediation plans.
  Expertise in preparing for and responding to audits with precision.
  Providing 100% accurate and timely evidence for all IAM-related audit requests, ensuring zero deficiencies due to IAM process failure.

• Protocols, Scripting & Directories
  Knowledge of SAML, OIDC, OAuth, SCIM, and LDAP.
  Proficiency in scripting (PowerShell, Python) for automation and integration tasks.
  Expert knowledge of Microsoft Active Directory and Azure AD.

• Collaboration & Vendor Management
  Proven ability to manage third-party vendors, hold them accountable for deliverables, and ensure solutions meet business requirements.
  Experience working with HR on lifecycle management and with IT on troubleshooting.
  Ability to translate technical concepts for Legal, HR, and Business stakeholders.

• Analytical & Problem-Solving Skills
  Advanced troubleshooting skills for complex, cross-platform access issues.
  Ensuring the accuracy and automation of user provisioning and de-provisioning to minimize manual effort and access-related risks.

Talent acquisition based on Nexperia vacancies is not appreciated. Nexperia job adverts are Nexperia copyright material and the word Nexperia is a registered trademark.

D&I Statement

As an equal-opportunity employer, Nexperia values diversity not just because it is the right thing to do but because diverse teams perform better. We are dedicated to being inclusive, and a proof point of this dedication is that we were the main partner of the very first Dutch Paralympic Team NL House during the Paris 2024 Paralympic Games. Our recruitment process is inclusive and accessible to all, and we consider all applicants fairly, as well as providing a safe work environment and reasonable adjustments where requested.

In addition, we offer our colleagues the possibility to join employee resource groups such as the Pride Network Group or global and local Women's groups. Nexperia is committed to increasing women in management positions to 30% by 2030.