Join to apply for the Senior IAM Engineer (80-100%) role at Sygnum Bank
2 days ago Be among the first 25 applicants
Join to apply for the Senior IAM Engineer (80-100%) role at Sygnum Bank
Get AI-powered advice on this job and more exclusive features.
Sygnum is a global digital asset banking group, founded on Swiss and Singapore heritage. We empower professional and institutional investors, banks, corporates and DLT foundations to invest in digital assets with complete trust. Our team enables this through our institutional-grade security, expert personal service and portfolio of regulated digital asset banking, asset management, tokenisation and B2B services.
In Switzerland, Sygnum holds a banking licence and has CMS and Major Payment Institution Licences in Singapore. The group is also regulated in the established global financial hubs of Abu Dhabi and Luxembourg.
We believe that the future has heritage. Our crypto-native team of banking, investment and digital asset technology professionals are building a trusted gateway between the traditional and digital asset economies that we call Future Finance. To learn more about how Sygnum’s mission and values are shaping this digital asset ecosystem, please visit sygnum.com and follow us on LinkedIn and X.
Our Values
A key pillar of our success are the Sygnum values that define and unite us a team. We proudly call them our SYGN values:
S stands for the importance we hold in Seeking and seizing opportunities, and the way we take personal ownership for delivering results for our clients;
Y represents the way we say Yes to maintaining the highest level of integrity and fairness in everything we do. Sygnumers always display confidence without attitude;
G reminds us to always Grow and win together. We only succeed by supporting each other and challenging ourselves, and our team-mates, to reach for new heights;
N is here for Nose for value because we are always looking to focus on what matters most to our clients, partners and team.
Sygnum has one of the most diverse teams in the industry. Diversity plays a central role in keeping our work culture open, our teams productive and energised, and our solutions at the forefront of the industry. In the spirit of our SYGN value to “grow and win together”, we fully embrace an equal opportunity mindset in the way we onboard, develop and promote our team members.
About the role
We’re seeking an enthusiastic Senior IAM Engineer to become a cornerstone of our Microsoft-focused identity security platform. In this hands-on role, you’ll leverage Entra ID, Terraform, M365 Stack and Azure to deliver enterprise-grade IAM controls across hybrid and cloud environments. You’ll own technical delivery, architect solutions, and collaborate across teams to secure access to critical systems—from corporate apps to custody platforms and infrastructure.
You’ll also provide consultative guidance on related Microsoft ecosystem capabilities, including Azure SRE, Intune configuration, M365 and tenant-level access policies, helping strengthen security alignment across the wider IT and engineering landscape.
Responsibilities include:
Design & implement IAM architecture using Microsoft Entra ID, PIM, Conditional Access, entitlement, ID Governance suite and group management
Automate identity & access policies via Terraform (IaC), integrating IAM changes into CI/CD pipelines with full auditability
Lead Joiner Mover Leaver lifecycle automation, enforcing least privilege, onboarding/deprovisioning, and membership management
Configure privileged access with Azure PIM, Just In Time workflows, MFA, and access approval processes
Collaborate with SecOps and SOC to integrate identity events (e.g. escalations, failed logins) into SIEM and incident workflows
Drive IAM governance: plan and execute access reviews, SoD analysis, entitlement attestation, and policy recertifications
Own audit evidence: maintain Terraform code, policy documentation, logs, and reporting ready for FINMA and internal audit
Consult with cross-functional teams (HR, Risk & Compliance, Platform Engineering) to align identity controls with business needs
Monitor IAM KPIs: provisioning times, review coverage, privileged sessions, policy violations—and report to leadership
Stay current on Microsoft Entra roadmap (e.g., Permissions Management, cross-tenant access) and drive adoption of new security features
Design and support authentication and authorisation integrations using protocols such as SAML, OAuth2, and OpenID Connect, ensuring secure access to SaaS platforms, third-party services, and in-house developed applications
Collaborate with development and platform teams to embed IAM into application architectures, including federated login and modern identity brokering
Audit and monitor AWS IAM activity: enable and analyse AWS CloudTrail logs for access events and work with the SOC to feed access logs into the SIEM for anomalous behaviour detection
Provide consultative support to Platform and SRE teams on Microsoft tenant configuration, including conditional access, role assignments, and policy management
Support Azure SRE projects by advising on service connection permissions, pipeline identity management, and secure integration of CI/CD with Entra ID
Configure and maintain cross-tenant sync in multi-cloud environment, B2C and B2B configurations
Advise on Intune policy, device group structures and device compliance integration, ensuring alignment between endpoint management and IAM standards
You are a motivated IAM professional with a strong foundation in Microsoft identity technologies and a passion for automation and access control. You thrive in dynamic, high-trust environments and are eager to secure critical systems through well-governed, scalable identity solutions. You’re also comfortable working across teams to align adjacent technologies like Intune, AWS and Azure to broader IAM objectives.
Bachelor's/Master's in Computer Science, Information Security, or equivalent
7+ years in IT, with 3+ years dedicated to IAM, using Microsoft Entra ID/Azure AD
Hands-on experience with Terraform for identity management and role policies
Deep understanding of IAM principles: RBAC/ABAC, least privilege, zero trust, conditional access and privilege management
Deep knowledge of Azure RBAC, Root Tenant IAM management in Azure CAF (private landing zones) environment and IAM landing zones architecture
Experience integrating IAM with CI/CD pipelines and infrastructure-as-code
Working knowledge of privileged access tools, MFA, SSO, entitlement management
Solid awareness of regulatory landscape (FINMA, ISO 27001, NIST) and audit-readiness best practices
Familiarity with Microsoft tenant-level administration, including conditional access and directory roles
Excellent stakeholder communication in English; German is a plus
Exposure to digital asset platforms: custody, key management, multisig workflows
Knowledge of HSM architecture, encryption models, or blockchain security
Experience advising on Intune policy design or secure Azure SRE implementation
Certifications: CISSP, CISM, Azure Security Engineer, or Microsoft Identity certifications
Our Offer
Joining Sygnum means being part of a dynamic, global team that is building a trusted gateway between the traditional and digital asset economies. Working at Sygnum, you will experience our fast-paced, exciting work environment that embraces meritocracy and collaboration and open communication. Alongside our ambitious long-term mission, we also come together for reaching important milestones and annual crypto-industry anniversaries like Bitcoin Pizza Day, and regularly celebrate together at themed company events as part of our journey to shape Future Finance.
Sygnum offers a comprehensive package of benefits for all team members. They include:
Attractive combination of market salaries and entrepreneurial incentive scheme
Flexible/Work at home policies
Professional development via Mentoring and Buddy programs
One-month fully paid sabbatical after five years of continuous employment
If you are passionate about the potential of blockchain to share Future Finance and your profile is a good fit for this position, please send us your CV today!
Seniority level Seniority level Mid-Senior level
Employment type Employment type Full-time
Job function Job function Information Technology and Engineering
Industries Financial Services and Banking
Referrals increase your chances of interviewing at Sygnum Bank by 2x
Get notified about new Access Manager jobs in Zurich, Switzerland .
Mid-level - Senior Software Engineer - Financial Reporting Senior Electrical Machine Engineer 100% (m/w/d) Senior R&D Engineer - System Architecture (Italy based) Senior Solutions Engineer - Cybersecurity & Identity (DACH) Principal Software Engineer, Vice President Global R&D Manager – Engineering Solutions & Optimizations (f/m/d) Head of Data Engineering (f/m/d) | 80-100% | Hybrid working model | Zurich, Switzerland System Software Engineering Manager, Calibration - Autonomous Vehicles UBS Card Center AG - Senior Hardware Security Module Engineer (w/m/d) ASAP: Senior Accountant - DE/ENG - Temp to Perm - Michael Page - Switzerland We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr