Description:

About us:

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a 29.8 Billion international wholesaler with operations in 32 countries through 625 stores & a team of 91,000 people globally.

Metro operates in a further 10 countries with its Food Service Distribution (FSD) business and it is thus active in a total of 34 countries.

MGSC, location wise is present in Pune (India), D- sseldorf (Germany) and Szczecin (Poland).

We provide HR, Finance, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day.

We are setting tomorrows standards for customer focus, digital solutions, and sustainable business models.

For over 10 years, we have been providing services and solutions from our two locations in Pune and Szczecin.

Job Description :

How you will make an impact :

You will join the Cyber Security Platform as a Solution Expert for Identity & Access Management, with a strong focus on SailPoint Identity Security Cloud (ISC).

Together with product and engineering teams, you will drive the migration from a legacy, custom-built IAM solution to a modern, cloud-based SailPoint landscape.

You will design and implement robust identity lifecycle and access provisioning flows, ensuring secure and reliable integrations with Active Directory and business applications.

By combining strong technical depth with stakeholder management skills, you will help shape the target architecture for employee IAM across the organisation.

Your work will directly reduce operational risk, technical debt and security exposure.

Your Responsibilities :

- Own the functional and technical design of SailPoint ISC configurations, workflows and integrations.

- Lead the migration from legacy IAM components to SailPoint ISC, including analysis, cut-over planning and decommissioning activities.

- Design and implement automated provisioning/de-provisioning , certification campaigns and access governance processes (joiner/mover/leaver, role changes, company changes).

- Design and implement complex workflows, provisioning rules, and policies, develop and maintain custom connectors and integrations.

- Collaborate with engineers and vendors to implement, test and optimize SailPoint-based solutions including updates in a cloud environment, including enhancement scripts, rules, and provisioning logic.

- Support incident and problem management for IAM topics, including root cause analysis and sustainable remediation.

- Work closely with security, workplace, and application teams to define integration patterns and ensure secure end-to-end data flows.

- Contribute to and review technical documentation, architecture decisions and design guidelines for IAM capabilities.

- Act as a trusted counterpart to stakeholders (solution owners, platform leads, external partners), explaining options, risks and trade-offs.

- Provide guidance and knowledge transfer to other team members and partners on SailPoint ISC capabilities and best practices.

- Continuously identify improvement opportunities to reduce manual work, technical debt and operational risk within the IAM landscape.

Qualifications :

Required key competencies and qualifications :

- 5+ years of experience in designing, implementing or operating enterprise-scale identity, security or platform services in complex IT environments.

- Proven hands-on experience with SailPoint Identity Security Cloud (ISC) or comparable cloud-based IGA platform (engineering/configuration, not just operations).

- Strong understanding of identity lifecycle processes, role/authorization models and IAM integration patterns with AD/Entra and HR systems.

- Solid technical skills in cloud architectures, REST APIs, events/messaging and integrating SaaS platforms into enterprise environments.

- Deep understanding of directory services (Active Directory, Entra ID), REST APIs, and authentication protocols (SAML, OAuth, OpenID Connect).

- Proven expertise in access governance design (RBAC/ABAC), entitlement modeling, and automation (GitLab CI/CD).

- Ability to translate business and security requirements into feasible, scalable IAM designs and configuration.

- Strong understanding of identity governance, compliance, and audit frameworks.

- Experience working as a senior individual contributor: self-driven, accountable, able to structure work and drive topics end-to-end.

- Excellent stakeholder management and communication skills, including working with solution owners, vendors and distributed teams.

- Experience in incident/problem management and familiarity with secure coding/configuration and security-by-design principles.

- Comfortable working in agile delivery models.

- Strong analytical and conceptual thinking, capable of navigating complex legacy landscapes and designing pragmatic migration paths.

- Fluency in English (spoken and written).

- Preferred certifications include SailPoint Certified Identity Security Engineer or equivalent.