Identity Governance and Privileged User Engineer
Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries and more than 170 clients in 35 countries. We are an industry‑leading provider of wealth management technology and services for financial institutions around the world, including private banks, wealth managers, investment managers, and retail and neo banks. Our research‑led approach and continual innovation are powered by the passion and creativity of our colleagues.
We are always looking for talented people to join us on our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers the opportunity to work closely with some of the world’s leading financial institutions as we jointly develop and shape careers. Championing a collaborative, supportive and flexible work environment empowers our colleagues to reach their full potential.
Job Description
Join the IAM team to manage privileged access and identity governance. Work with One Identity Safeguard and One Identity Manager to secure accounts, support JML processes, and integrate applications.
Your Key Tasks
PAM
* Operate and maintain One Identity Safeguard
* Manage credential policies, password rotation, and integrations
* Onboard systems and accounts into PAM
* Monitor platform health and troubleshoot issues
IGA
* Support JML processes with One Identity Manager
* Maintain workflows, mappings, and job server operations
* Integrate new applications and validate access assignments
Documentation
* Maintain SOPs, runbooks, and audit‑compliant records
Systems & Infrastructure
* Manage IAM components on Windows/Linux
* Perform patching, hardening, and monitoring
* Provide L2/L3 support for IAM and directory services
Automation & Tooling
* Automate with Terraform and Ansible
* Develop PowerShell scripts; use SQL for troubleshooting
Qualifications
* Degree in IT or a related field
* 2–3 years of experience in PAM/IGA roles
* Hands‑on experience with One Identity Safeguard or similar tools (e.g., CyberArk, BeyondTrust, Delinea)
* Strong Windows and Linux engineering skills
* Solid knowledge of AD, Azure AD/Entra ID, LDAP, and authentication protocols
* Proficiency in Terraform, Ansible, and PowerShell; SQL knowledge preferred
* Strong documentation skills and a compliance‑focused mindset
* Fluent in English; German or French is a plus
Additional Information
We realize that managing work‑life balance is a challenge we all face in our daily lives and we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work‑life balance while still continuing our fantastic Avaloq culture in our global offices.
In Avaloq we embrace diversity and are committed to fostering an equal‑opportunity environment and inclusive culture where you can be your authentic self. We hire, compensate and promote regardless of origin, age, gender identity, sexual orientation or any other traits that make us unique, and we have done our best to write this advert in an inclusive and neutral way.
We will not accept speculative CV submissions for any of our roles from recruitment agencies, and any unsolicited candidate submissions will be exempt from any payment expectations.
#J-18808-Ljbffr