Senior Software Engineer - Security Governance Engineer - IAM

As an Identity and Access Management (IAM) Security Governance Engineer, you will be responsible for the governance, oversight, and continuous improvement of MMS's IAM landscape, with a strong focus on secure access governance across platforms, products, and countries. You will define and own access management policies and frameworks, ensure their consistent implementation, and support both technical IAM teams and business stakeholders in implementing secure identity and access controls.

You will work closely with Cybersecurity, IAM, Cloud Governance, product teams and application/platform owners to align security governance with technical implementation, covering Authorization/Authentication, Account Creation/Management/Provisioning, and Role-Based Security. Your role combines policy and control design, oversight, metrics and reporting, and enablement of teams to manage access securely and efficiently.

Access Governance Framework & Oversight

Own and maintain the Access Management Policy and related governance standards. Ensure consistent implementation and enforcement of the access management policy across all platforms, products, and environments.

Cross-Functional Coordination

Act as the single point of contact (SPOC) for platforms and product teams for all access management process-related topics. Coordinate closely with teams working on technical access management solutions (Cybersecurity, IAM, Cloud Governance, Infrastructure, etc.) to ensure that governance requirements are translated into technical controls.

Access Review & Re-certifications

Drive periodic user access reviews, entitlement recertifications, and access reporting across systems and applications. Partner with application and platform owners to define the scope, frequency and depth of access reviews.

Access Risk Management & Metrics

Identify applications, platforms and products that are non-compliant with the Access Management Policy and other IAM-related standards. Work with relevant owners to track, manage, and report access-related risks, violations, and control gaps.

Continuous Improvement & Enablement

Support the IAM tool projects (e.g. implementation, enhancement or migration of IAM solutions) from a governance and requirements perspective. Provide guidance, enablement and training to application owners, platform teams and business stakeholders on implementing secure access practices and meeting governance requirements.

Technical & Security Responsibilities

Support the definition and governance of sign-on solutions utilizing technologies such as SAML2, OAuth2, LDAP and Active Directory in alignment with MMS security standards. Collaborate with the technical IAM team on the secure design and hardening of IAM software and systems, ensuring that governance policies are technically enforceable.

Do you have experience in Software development?, Do you have a Bachelor's degree?, * Demonstrable experience within a comparable role in IAM, security governance, or access management, ideally with both administrative and security/governance experience.

• Strong knowledge of IAM software, systems and concepts, including role-based security, access governance, and related processes.
• Security knowledge of hardening IAM software and systems, as well as understanding of identity and access risks and controls.
• Experience with SSO implementation, IAM setup and OAuth configuration, and familiarity with standards and protocols including but not limited to SAML, OAuth, SSO and LDAP.
• Experience using cloud-based identity models and integrating cloud services into an enterprise IAM / access governance framework.
• Ability to manage client and stakeholder relationships, ensuring quality of delivery and offering expert advice across Cyber Security, IAM, and access governance topics.
• Proven ability to produce clear documentation, process flows, policies and standards around IAM and access management.
• Experience working on or with enterprise platform teams that support multiple software development product teams., * Display enthusiasm and genuine interest in Information Security and IAM, with the ability to draw recommendations based on real-world experience.
• 5+ years' experience in IAM Security and/or Access Governance, including experience with security principles, role-based security and least-privilege access concepts.
• Bachelor's degree in a relevant field (e.g. Computer Science, Information Security) or equivalent work experience.
• Hands-on experience designing, building, deploying, and/or administering IAM software and hardware, and/or access governance solutions (e.g. access review tooling, IAM/IAG platforms).
• Strong understanding of concepts related to least privilege, access management, roles and privileges, and segregation of duties.
• Ability to communicate and collaborate effectively with other team members and stakeholders in a geographically and culturally diverse workforce.
• Strong sense of professionalism, integrity and ethics, with a risk- and control-oriented mindset.

• Young environment, where not everything is written in stone, and where you are expected to contribute and co-create the culture of the Tech Hub and international collaboration model.

• You'll have a 10% discount on the entire MediaMarkt website, so you can treat yourself at a lower price whenever you want!

• On top of your compensation package, you can request Flexible Pay "MediaFlex program" (a.e. Ticket Restaurant, Private Health Insurance with Adeslas…)

• Flexible working time and possibility to combine home office / presential working. Intensive workday every Friday and during summer.

• The possibility to choose between 2 offices: The first one is the MediaMarkt Iberia HQ with a very attractive menu at a price. You'll eat for less than €4! And the second office is located at Pier01, in Barceloneta, right in the center of Barcelona. Free coffee and free fruit once a week.

• There is a training budget so you can continue developing the skills you need most to keep growing professionally and personally!

• We offer language classes: English, Spanish, and German.

• On your birthday, you won't work! It's a day for you to enjoy without thinking about work.

• You'll be working with the most cutting-edge technological stack of the moment.

• Training plan

• Flexible working schedule, home office policy

• Gym

• Product discounts

• Wellness and healthy plans

• Media Flex, flexible retribution