Job
- Level
- Senior
- Job Feld
- IT, Security
- Anstellung
- Vollzeit
- Vertragsart
- Unbefristetes Dienstverhältnis
- Ort
- Ismaning
- Arbeitsmodell
- Hybrid, Onsite
Job Zusammenfassung
In dieser Position entwickelst du die IAM-Strategie für Entra ID und Active Directory, verwaltest den Identitätslebenszyklus und implementierst Sicherheitsmaßnahmen über verschiedene Umgebungen hinweg. Zudem tätigst du Bedrohungsanalysen und unterstützt das SOC bei komplexen Vorf
Job Technologien
Deine Rolle im Team
- Own IAM strategy across Entra ID and Active Directory.
- Manage conditional access, PIM/PAM, and identity lifecycle governance.
- Develop identity-centric detections and threat-hunting workflows, analyzing Entra ID logs and privilege escalation paths in alignment with the SOC.
- Partner with Infrastructure, Client Services, and Cloud Admin teams to review and implement controls across endpoint, email, network, and cloud environments.
- Act as internal advisor for Splunk Cloud SIEM and Cribl Stream/Edge, partnering with the MSSP on detection engineering and optimization.
- Oversee vulnerability management and quality-assure penetration tests.
- Serve as senior escalation point for complex SOC investigations.
- Mentor SOC analysts and junior engineers.
- Contribute to the long-term security roadmap.
- Keep leadership informed on risks and developments and maintain clear architecture and process documentation.
Unsere Erwartungen an dich
Ausbildung
- Bachelor's degree in IT Security, Cyber Security, or comparable qualification (or equivalent practical experience).
Qualifikationen
- Deep expertise in Entra ID, Active Directory, MFA/passwordless, SSO protocols (SAML, OIDC, SCIM), and identity governance.
- Strong foundation in zero-trust architecture and frameworks such as NIST, ISO 27001, or MITRE ATT&CK.
- Working knowledge of Splunk Cloud SIEM, CyberArk, SailPoint IdentityIQ, and Cribl Stream/Edge.
- Familiarity with AWS, Proofpoint, and Zscaler/Cisco/FortiGate.
- Proficiency in PowerShell, Python, or Microsoft Graph API.
- Very good English communication skills (German desirable).
- Certifications such as Microsoft SC-300, SC-100, AZ-500, CISSP, CIDPRO, AWS Security Specialty, GIAC (GCIH, GCIA, GCFA), or Splunk/Cribl are considered a plus.
Erfahrung
- 5+ years in IT security engineering or operations, with significant hands-on IAM responsibility.
Unser Angebot
- Growth is important to us, that's why we support your personal and professional development.
- A working environment based on trust, encouragement and constructive feedback.
- Collaboration with people from different countries and cultures.
- 32 days annual leave plus 2 days off.
- Flexible working hours and home office policy (approx. 60% possible).
- Attractive employee conditions for car insurance.
- Exceptional company benefits: Employer subsidy for occupational pension scheme and disability pension, supplementary company health insurance, capital-forming benefits.
- Optional: Job ticket, car parking spaces, monthly travel allowance.
- EGYM Wellpass.
- Financial subsidy as a small wish-fulfiller.
- Free coffee, tea, water and weekly fruit delivery.
- Health management and pme family service.
Benefits
Work-Life-Integration
Themen mit denen du dich im Job beschäftigst
Job Standorte
Das ist dein Arbeitgeber
AND-E
AND-E ist ein innovatives Versicherungsunternehmen mit Hauptsitz in Ismaning bei München. Als Teil der MS&AD Group Holding zählt es zu den größten Versicherungskonzernen weltweit und beschäftigt 250 Mitarbeiter:innen in Deutschland. Das Unternehmen gilt als einer der führenden Anbieter von Telematiklösungen in Europa und kooperiert eng mit der Toyota und Lexus Organisation.
Description
- Unternehmenstyp
- Etablierte Firma
- Arbeitsmodell
- Hybrid, Onsite
- Branche
- Banken, Finanz, Versicherung