Home
Recruiter
Log In

Identity & PAM Security Engineer

Remote from
Europe flag
Europe
Annual salary
Undisclosed
Salary information is not provided for this position. Check our Salary Directory to estimate the average compensation for similar roles.
Department
Cybersecurity
Employment type
Full Time,
Job posted
Apply before
10 Jul 2026
Experience level
Midweight
Views / Applies
16 / 6
About company Share

About Sporty Group

Sporty Group is a global consumer internet and technology company with a strong presence in sports media, gaming, social, and fintech.

Actively Hiring
Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

This role involves designing, implementing, and managing identity security controls across the enterprise, focusing on privileged access management, identity governance, and conditional access. The engineer will work closely with Security, Infrastructure, and Engineering teams to ensure secure and least-privilege access to critical systems. Key responsibilities include managing Microsoft Entra ID and Google Cloud IAM, automating identity workflows, and supporting audits and incident response. The ideal candidate has 4+ years of IAM experience and skills in PAM, RBAC, MFA, and automation using PowerShell or Python. This is a remote-first position with a competitive salary and quarterly bonuses.

Role DNA

Job Complexity
Easy Hard
Pace & Pressure
Relaxed Fast-paced
Autonomy Level
Guided Full Ownership
Communication Load
Independent Highly Collaborative
AI Insight The role requires deep expertise in identity security concepts and cloud IAM platforms, making it moderately difficult. However, it is manageable for experienced engineers with 4+ years in IAM.

Salary Analysis

Median Highly Competitive
$135,000
US Market
$100k – 170k
0 $187k
AI Insight The offered salary is not specified, but based on market data for Identity and PAM Security Engineers with 4+ years of experience, the median salary is around $135,000 USD. This is competitive for a specialized role with enterprise-level responsibilities.

Key Skills

Microsoft Entra ID Privileged Access Management Conditional Access Google Cloud IAM PowerShell Python HashiCorp Vault Service Account Management REST APIs SIEM

Dear Hiring Manager,

I am writing to express my strong interest in the Identity & PAM Security Engineer position at your company. With over 5 years of experience in identity and access management, including hands-on expertise in Microsoft Entra ID, Google Cloud IAM, and privileged access management, I am confident in my ability to contribute to your security team.

In my previous role, I led the implementation of just-in-time access controls and automated service account credential rotation, reducing security risks by 30%. I am skilled in using PowerShell and Python to build workflow automation, and I have a proven track record of collaborating with cross-functional teams to enforce least-privilege principles.

I am particularly excited about this opportunity because of your company's focus on security and scalability. I thrive in fast-paced, distributed environments and am eager to bring my expertise in PAM, conditional access, and identity governance to your organization.

Thank you for considering my application. I look forward to discussing how I can help strengthen your identity security posture.

Sincerely,
[Your Name]

Can you describe your experience with Microsoft Entra ID and Privileged Identity Management (PIM)?
I have used Microsoft Entra ID for identity management and PIM to implement just-in-time privileged access. I configured approval workflows, managed role assignments, and activated roles only when needed, ensuring least privilege.
How do you handle service account lifecycle management?
I manage service accounts by tracking ownership, setting expiry dates, rotating credentials automatically using tools like Azure Key Vault, and monitoring usage for anomalies. I also ensure decommissioning of unused accounts.
Explain how you would design a conditional access policy for remote access to critical systems.
I would require MFA, compliance with device policies (e.g., Intune), and access from trusted IPs. For high-risk sessions, I would enforce session controls and limit access duration.
Describe an automation script you created for identity workflows.
I developed a Python script that integrated with REST APIs to automatically revoke access for users who left the company, check for dormant accounts, and generate monthly access review reports.
How do you stay updated with identity security threats and best practices?
I follow blogs from Microsoft and Google Cloud, participate in security forums, and I'm pursuing CISSP certification. I also attend webinars and apply lessons from incidents to improve controls.

About the role

This team is responsible for the security, stability, and scalability of the company’s software systems and infrastructure. We monitor system performance, identify and mitigate risks, and ensure our platforms remain secure, resilient, and capable of supporting continued growth.

As an Identity & PAM Security Engineer, you will be responsible for designing, implementing, and managing identity security controls across the enterprise. Your focus will include privileged access management, identity governance, service account security, and conditional access controls. Working closely with Security, Infrastructure, and Engineering teams, you will help ensure that access to critical systems and resources is secure, appropriately governed, and aligned with least-privilege principles.

What you’ll be doing

  • Manage privileged access controls, including Privileged Identity Management (PIM), just-in-time (JIT) access, approval workflows, and privileged role assignments.
  • Define and maintain administrative access processes for high-risk roles, privileged sessions, and break-glass accounts.
  • Lead and support access review processes, track remediation activities, and ensure access rights remain aligned with least-privilege principles.
  • Manage the lifecycle of service and machine accounts, including ownership, permissions, credential rotation, monitoring, and decommissioning.
  • Configure, maintain, and monitor conditional access policies, multi-factor authentication (MFA), and identity risk controls.
  • Design and implement automation for identity workflows, approvals, access validation, reporting, and remediation activities.
  • Collaborate with Security, Infrastructure, and Engineering teams to strengthen identity security across cloud and enterprise environments.
  • Support security audits, incident response activities, and identity-related investigations.
  • Contribute to the ongoing improvement of identity governance, privileged access management, and security operations practices.

What you’ll bring

  • 4+ years of experience in Identity and Access Management (IAM), Cloud Security, Infrastructure Security, or Security Engineering.
  • Hands-on experience administering and securing Microsoft Entra ID and Google Cloud IAM environments.
  • Strong understanding of identity security concepts including least privilege, role-based access control (RBAC), multi-factor authentication (MFA), conditional access, access governance, and privileged access management.
  • Experience managing service accounts, machine identities, secrets, API keys, and credential rotation processes.
  • Experience building automation using workflow management platforms, APIs, PowerShell, Python, or similar technologies.
  • Strong analytical and problem-solving skills with a security-first mindset.
  • Excellent documentation, communication, and stakeholder management skills.
  • Ability to work effectively in a fast-paced, distributed environment.

Even better if

  • Experience implementing or operating Privileged Access Management (PAM) solutions at scale.
  • Familiarity with Identity Governance and Administration (IGA) frameworks and best practices.
  • Experience integrating identity security controls into cloud-native environments and automation pipelines.
  • Exposure to security monitoring, SIEM platforms, or log analysis tools.
  • Relevant certifications such as SC-300, AZ-500, CISSP, CCSP, or equivalent.

Role specific tools

  • Microsoft Entra ID
  • Privileged Identity Management (PIM)
  • Conditional Access
  • Multi-Factor Authentication (MFA)
  • Google Cloud IAM
  • Service Account Management
  • Workflow Management Platforms
  • HashiCorp Vault
  • Azure Key Vault
  • Google Secret Manager
  • PowerShell
  • Python
  • REST APIs
  • SIEM and Log Analysis Tools

What’s in it for you

  • Sporty is a remote-first company in pursuit of sustainability
  • A competitive salary plus individual performance-based bonuses every quarter
  • 28 days paid annual leave
  • Core working hours of 10am-3pm in your local time zone, with flexibility outside of these hours
  • Referral bonuses and flash bonuses
  • Top-of-the-line equipment
  • Annual company retreats that provide opportunities to connect and collaborate with colleagues from around the world

If you’re interested, we encourage you to apply. Every application is reviewed by a member of our team, and we aim to respond within 48 hours.

Apply now >

Annual salary information is not provided for this position. Explore salary ranges for similar roles in our Salary Directory ›

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

How to apply

Did you apply? Let us know, and we’ll help you track your application.

For safety tips, see our guides, and please let us know if you need any assistance.

Log in to save
You're almost done!

Create a free account with us to save a history of all jobs you've shown interest in.

You can also continue as a guest if you prefer.

Share

See a few more

Similar Cybersecurity remote jobs

More Jobs

Job Search Safety Tips

Here are some tips to help you search and apply for jobs safely:
Watch out for suspicious jobs Don't apply for jobs that offer high pay for little work or offer to hire you without an interview. Read more ›
Check the employer's profile Make sure you're applying for a trustworthy job by visiting the employer's profile and learning more about them. Read more ›
Protect your information Don't share personal details like your bank account or government-issued ID on suspicious websites or messengers. Read more ›
Report jobs that feel unsafe If you see a job that seems misleading, inappropriate or discriminatory, report it for going against our policies and we'll review it.

Share this job

Jobicy+ Subscription

Jobicy

614 professionals pay to access exclusive and experimental features on Jobicy

Free

USD $0/month

For people just getting started

  • • Unlimited applies and searches
  • • Access on web and mobile apps
  • • Weekly job alerts and digest
  • • Access to additional tools like Bookmarks, Applications, and more

Plus

USD $8/month

Everything in Free, and:

  • • Ad-free experience
  • • Daily job alerts and digest
  • • Personal career consultant
  • • AI-powered job advice
Go to account ›