Identity & Access Management Security Engineer

Your role at Exness:

Experienced IAM Security Engineer - contribute to projects and tools focused on identity and access management automation. In this role, you will play a key part in scaling and enhancing our IAM infrastructure by designing and implementing automated solutions, integrating with internal systems, and ensuring secure and efficient user lifecycle management. Your expertise will directly support our mission to enforce access controls, reduce manual workloads, and uphold high standards of security and compliance across the organization.

You will:

• Implement IDM/IGA processes using Evolveum MidPoint and Okta;
• Support user lifecycle processes (Joiner-Mover-Leaver, Temporary Workers, Service Accounts);
• Build and maintain automation scripts to grant/remove access;
• Define and maintain access policies and roles
• Conduct and participate in IAM audits
• Create and maintain Access Reviews
• Participate in maintaining existing authentication solution (Okta)
• Assist in complex integrations of new services (SSO / Provisioning)
• Participate in IAM implementation or migration projects and align them with business workflows;
• Develop and maintain technical documentation and IAM playbooks

What makes you a great fit:

• 3+ years of experience in information security or infrastructure automation or at least 2 years in IAM-related roles;
• Hands-on experience with Evolveum MidPoint or other IAM solutions (e.g., ForgeRock, SailPoint, Okta, One Identity);
• Basic Python programming skills (CI/CD automation experience would be a plus);
• Understanding of identity lifecycle management, RBAC/ABAC/SoD models;
• Familiarity with protocols and standards: LDAP, SAML, OIDC, OAuth2, SCIM;
• Comfortable with Linux environments and basic network/access control concepts;
• Experience with Git, CI/CD pipelines, and REST APIs;
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related technical field;
• Any Identity-related certification would be nice to have (Okta, MS Entra ID etc or any other vendor-neutral one);

Nice to have:

• Experience with Docker/Kubernetes;
• Knowledge of Java or Groovy (for deeper MidPoint customization);

What we offer along the way:

• Competitive and attractive compensation
• Extensive learning opportunities, such as professional training and certifications, soft skills development, free English courses, and trading workshops
• Flight tickets, hotel or apartment accommodation for your first month, migration support, and legal help for you and your family (if relocating)
• Health and life insurance for employees, spouses, and children, including vaccinations, tests, mental health care, and coverage for vision and dental care
• Generous time off, including 21 days of annual leave and paid sick leave
• Education allowance for your children’s school and kindergarten fees
• Access to our very own sports club with dedicated coaches, free Sanctum Club memberships for you and your spouse, corporate SUPs, jet skis, etc
• A branded company car (if relocating) with a parking space near the office
• Outstanding team-building experiences and Exness community gatherings

Your journey after applying:

1. Interview with Recruiter (up to 45 minutes)
2. Technical interview (1 hour)
3. Behavioral interview (1 hour)