Identity & PAM Security Engineer in Germany at Jobgether

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Identity & PAM Security Engineer based in Germany.

This role sits at the core of enterprise security, focusing on how identities are governed, accessed, and protected across critical systems and infrastructure. You will design and operate identity security controls that ensure the right people and systems have the right level of access at the right time. Working across Security, Infrastructure, and Engineering teams, you will strengthen privileged access management, enforce least-privilege principles, and improve identity governance at scale. The environment is highly technical and collaborative, with a strong emphasis on automation, resilience, and security-by-design. You will also play a key role in securing cloud and enterprise environments while contributing to continuous improvements in identity workflows and controls. This is a high-impact position where your work directly reduces risk and strengthens the organization’s security posture.

• Design, implement, and manage privileged access controls including Privileged Identity Management (PIM), just-in-time (JIT) access, approval workflows, and role assignments.
• Define and maintain secure administrative access processes for high-risk roles, privileged sessions, and emergency break-glass accounts.
• Lead access review and certification processes, ensuring remediation actions are completed and access remains aligned with least-privilege principles.
• Manage the lifecycle of service accounts, machine identities, secrets, API keys, and credentials, including rotation, monitoring, and decommissioning.
• Configure and maintain conditional access policies, MFA enforcement, and identity risk-based security controls.
• Design and implement automation for identity workflows, including approvals, access provisioning, reporting, and remediation processes.
• Collaborate with Security, Infrastructure, and Engineering teams to enhance identity security across cloud and enterprise environments.
• Support security audits, compliance requirements, incident response, and identity-related investigations.
• Contribute to the evolution of identity governance, PAM strategies, and security operations best practices.
• Improve identity security tooling, documentation, and operational processes to increase scalability and resilience.

• 4+ years of experience in Identity & Access Management (IAM), Cloud Security, Infrastructure Security, or Security Engineering roles.
• Hands-on experience with identity platforms such as Microsoft Entra ID and Google Cloud IAM.
• Strong understanding of identity security principles including least privilege, RBAC, MFA, conditional access, and privileged access management.
• Experience managing service accounts, machine identities, secrets management, and credential rotation at scale.
• Proven ability to design or operate PAM or identity governance processes in complex environments.
• Experience building automation using tools such as PowerShell, Python, APIs, or workflow orchestration platforms.
• Strong analytical and problem-solving skills with a security-first mindset.
• Experience working with SIEM tools, log analysis platforms, or security monitoring systems is a plus.
• Familiarity with tools such as HashiCorp Vault, Azure Key Vault, or Google Secret Manager is advantageous.
• Relevant certifications such as SC-300, AZ-500, CISSP, or CCSP are considered a strong plus.
• Excellent communication, documentation, and stakeholder management skills.
• Ability to work effectively in distributed, fast-paced, and collaborative engineering environments.

• Competitive salary with performance-based quarterly bonuses.
• Remote-first working model with flexibility across working hours.
• 28 days of paid annual leave.
• Core working hours with flexibility outside of defined collaboration windows.
• Top-tier equipment provided to support your work.
• Referral bonuses and performance-based flash bonuses.
• Annual company retreats with international team collaboration opportunities.
• Opportunity to work in a highly technical, security-focused environment.
• Exposure to modern cloud identity, PAM, and enterprise security architectures.
• Strong emphasis on autonomy, ownership, and continuous improvement.
• Collaborative and globally distributed team culture.