Senior Identity & Access GRC Engineer

Job Description

Join Us

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

Senior Identity & Access Governance Engineer is responsible for the design, implementation and continuous improvement of Identity and Access Management (IAM) controls across the organization to mitigate cyber risk and ensure compliance with local/international regulatory requirements. The role sits within the GRC function and acts as the technical authority for identity governance, ensuring the translation of policies into enforceable and auditable technical controls across on-premises, cloud and hybrid environments. This is a senior, hands-on role with governance responsibilities and cross-functional influence, who will design the operating model, define governance frameworks, implement risk-based controls and set the IAM maturity level at the enterprise level.

What you’ll do

Main Responsibilities:
Identity Control Governance and Design
• Define IAM governance framework, standards and control structure
• Design IAM operational model
• Translate IAM policies and standards into applicable technical controls
• Design and maintain enterprise-wide RBAC models aligned with business roles and risk levels
• Define and enforce Segregation of Functions (SoD) controls
• Establish Key Risk Indicators (KRIs) and control effectiveness metrics
• Maintain IAM documentation and record repository
• Create an IAM maturity roadmap
• Ensure alignment with Zero Trust principles
Identity Lifecycle Management (JML)
• Design and optimize Joiner Mover Leaver processes
• Ensure automatic provisioning and revocation of access in critical systems
• Reduce accounts orphaned, inactive, and overprivileged
• Integrate IAM with authoritative sources (HR and identity sources)
• Define SLAs for deprovisioning and monitor compliance
• Establish access recertification governance
Privileged access governance
• Define governance framework for Privileged Access Management (PAM)
• Reduce permanent administrative privileges
• Implement Just in Time (JIT) and least privilege / Just Enough Access (JEA) principles
• Ensure privileged session monitoring and logging controls
• Coordinate with CSOC for identity-based detection cases
Authentication and access control
• Ensure MFA enforcement for critical systems and high-risk users
• Validate SSO and federation configurations
• Define authentication assurance levels based on risk
• Align identity controls with Zero Trust principles
Support for compliance and audit
• Ensure alignment IAM with:
o NIS2
o ISO 27001
o GDPR
o Internal Security Policies
• Support for internal and external audits
• Provide IAM records and remediation plans
• Track and remediate IAM non-conformities
Oversee and modernize the IAM platform
• Assess the health of IAM/IdM platforms and lifecycle risks (EOL/EOS)
• Identify coverage gaps in applications and cloud environments
• Propose a modernization and improvement roadmap
• Lead the integration of new systems in the IAM area
Cross-functional collaboration
• Close collaboration with:
o IT Operations
o Network Operations
o HR
o Application Owners
o Cloud & DevOps Teams
o CSOC
o Business teams
• Act as SME in the identity area during security incidents
• Ensure the inclusion of identity risks in the enterprise risk register

Who you are

Experience
• 5–8+ years of experience in IAM or Identity Governance
• Experience in building or transforming IAM capabilities
• Hands-on experience with enterprise IAM platforms (SailPoint, Saviynt, OneIdentity, Okta, Microsoft Entra ID)
• Experience with PAM solutions (CyberArk, BeyondTrust)
• Strong knowledge of:
o RBAC / ABAC
o Segregation of Functions (SoD)
o SAML, OAuth2, OIDC
o LDAP / Active Directory
o MFA and conditional access policies
• Experience in regulated environments (telecom, financial, utilities – preferred)
• Experience in supporting audit and compliance programs

Technical Skills
• Enterprise IAM architecture and design
• JML frameworks
• Governance models for privileged access
• Authentication and federation architecture (SSO, MFA, conditional access)
• IAM integration in cloud and hybrid environments
• Risk assessment and identity controls
• Logging, monitoring and traceability requirements for identity systems
• Ability to assess and improve the health of IAM platforms
Key competencies
• Risk-based thinking
• Ability to translate regulatory requirements into technical controls
• Structured documentation and records management
• Strong communication skills
• Proactivity and ownership orientation
• Ability to identify control deficiencies and propose solutions
• Strategic thinking and long-term planning
• Project management
• Teamwork and accurate reporting
• Problem-solving, negotiation, deadline orientation

Recommended technical/professional certifications:
• CISSP
• CISA
• CISM
• CIAM / Certified Identity and Access Manager
• Microsoft Certified: Identity and Access Administrator Associate
• CyberArk Defender / Sentry
• ISO 27001 Lead Implementer / Lead Auditor

Not a perfect fit?

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about empowering people and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to still apply as you may be the right candidate for this role or another opportunity.

What's in it for you

• Hybrid working regime 2 days from the office, 3 days remote
• Special discounts for Vodafone employees, Friends & Family offers
• Demo telephone subscription - unlimited (voice and data)
• Voucher for the purchase of a mobile phone
• Medical subscription to a top private clinic & other medical benefits
• Insurance for hospitalization and surgical interventions
• Life insurance
• Meal tickets
• Bookster subscription
• Participation in development programs and challenging projects in the leadership area
• Access to internal Wellbeing & Recognition events
• Extra vacation days (for seniority, special events, volunteering)
• You will benefit from specializations in your field of activity, through programs based on modern training methods and systems

Who we are

We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.

Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. ;We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.

If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to https://careers.vodafone.com/application-adjustments/ for guidance.

Together we can.