A leading FMCG company is hiring an IAM Engineer

Role Summary: IAG Engineer

The IAG Engineer is responsible for the design, implementation, and ongoing management of Identity Governance and Administration (IGA) controls, ensuring that access to systems, applications, and data is properly authorised, controlled, auditable, and compliant.

The role centres on access lifecycle management, role-based access governance, certification processes, and Segregation of Duties (SoD) enforcement. It also includes the delivery of accurate compliance reporting and audit support.

The primary objective is to minimise identity and access-related risk by ensuring that all user access is appropriately governed, regularly reviewed, and aligned with organisational policies and regulatory requirements.

IAG Platform Engineering & Operations

Design, implement, and support Identity Governance and Administration (IAG) platforms (e.g. SailPoint, Saviynt, One Identity, Microsoft Entra ID Governance).

Configure and maintain identity lifecycle workflows (joiner, mover, leaver) and manage integrations across Active Directory / Entra ID, HR systems, business applications, and cloud platforms.

Ensure the platform is stable, scalable, and performs optimally.

Identity Lifecycle & Access Provisioning

Automate the provisioning and deprovisioning of user access based on identity attributes.

Ensure timely removal or adjustment of access for terminated or role-changing users.

Enforce least-privilege access principles while reducing manual intervention and human error.

Role Management & Access Models

Design, implement, and maintain business roles, IT roles, and entitlement models.

Conduct role mining and optimisation to improve efficiency and reduce complexity.

Ensure role structures align with business needs and risk tolerance.

Access Reviews & Certifications

Configure and manage access certification campaigns covering user, privileged, and application/data access.

Support stakeholders during review processes and track completion, exceptions, and remediation activities.

Maintain audit-ready evidence of access approvals and governance controls.

Automation & Continuous Improvement

Leverage APIs, workflows, and scripting to automate IAG processes.

Enhance the access request and approval experience.

Identify and implement improvements to reduce operational overhead and support IAM maturity initiatives.

Stakeholder Engagement

Collaborate with HR, IT, Security, Risk, Audit, and application owners.

Translate governance and compliance requirements into effective technical controls.

Provide guidance and promote best practices in identity governance across the organisation.

Key Performance Areas • Effectiveness of Identity Lifecycle Management • Strength of Access Governance and adherence to Least Privilege principles • Quality and optimisation of Role and Entitlement Models • Execution and completion of Access Review Certifications • Compliance, Audit Readiness, and Control Effectiveness • IAG Platform Stability and Operational Performance

Minimum Education

Bachelor’s degree in Computer Science, Information Systems, or a related field

Required Skills & Experience • Proven experience with IAG platforms such as SailPoint, Saviynt, One Identity, or Microsoft Entra ID Governance • Strong understanding of: • Identity lifecycle management (joiner, mover, leaver processes) • Access provisioning and deprovisioning models • Role-Based Access Control (RBAC) • Directory services (e.g., Active Directory, LDAP)

Experience

•5+ years as a PAM engineer

Soft Kills

Strong analytical and problem‑solving skills.

Ability to work with business and technical stakeholders.

Clear documentation and communication skills.

Detail‑oriented with a risk‑based mindset.