Access Management IAM Engineer
Role details
Job location
Tech stack
Job description
REWE digital Spain is located in the Technological Park of Andalusia (PTA) in Malaga. As a team of 60 colleagues, we drive innovation for REWE digital in Germany. Working closely with the team in Germany, you will be responsible for the administration and optimization of our Identity Governance Administration (IGA) platform to ensure secure, efficient, and reliable access for our business applications.
We are looking for an IAM Engineer/IT Engineer to support the modernization of our IAM landscape by designing, implementing, and maintaining innovative technical solutions. Someone who builds and administers IAM and IGA platforms to provide the foundation for automation, self-service, and compliance. What you will do:
-
Design, build, and operate a secure and scalable Identity Governance & Administration (IGA) platform as the foundation for automation and self-service.
-
Develop and maintain technical connectors (e.g via SCIM or REST API) to integrate target systems like AD, Azure/Entra ID, SAP, and various SaaS applications into the IGA platform
-
Support the maintenance of CI/CD pipelines and containerized environments (Docker, Kubernetes) for the deployment and evolution of the IAM platform.
-
Perform hands-on configuration of the IGA tool to align with business requirements.
-
Implement and optimize role-based and context-based access control models (RBAC, CBAC, ABAC, NBAC).
-
Collaborate with security teams to ensure compliance and enable Zero-Trust architectures.
Requirements
-
Strong understanding of Authentication/Authorization and Identity & Access Management/Identity Governance (JML, SoD, Recertification etc.) concepts.
-
Hands-on experience in platform engineering and automation desirable.
-
Proficiency in scripting and developing languages (Groovy, Java, XML, JSON)
-
and implement complex business requirements into streamlined, automated workflows. Skill in analyzing data and creating consistent structures.
-
Experience working in agile environments (e.g., Scrum or Kanban) and a "ProductLed" mindset.
-
Growth mindset and passionate about leveraging new technologies to drive efficiency What you will bring:
-
Degree in Computer Science or equivalent qualification.
-
Proven experience in Identity Governance & Administration (IGA) and IAM platforms.
-
Practical knowledge of directory services (Active Directory, Entra ID, Keycloak).
-
Analytical mindset and ability to design complex authorization models.
-
Strong communication and collaboration skills.
-
Complete fluency in written and spoken English Nice to have:
-
Knowledge of MidPoint or similar IGA solutions.
-
Experience in workflow orchestration and platform modernization.
-
Understanding of Zero-Trust principles and security best practices
Benefits & conditions
-
A startup-like culture with fascinating opportunities, combined with the security of being part of a major corporate force in the REWE Group
-
Challenging tasks but also a tech playground
-
Work in a modern office, fostering creativity, collaboration, and agility
-
A flexible, autonomous work environment where your ideas will contribute to our collective success
-
Open communication culture in an international environment with steady growth, and more to come! Our Benefits:
-
Hybrid work and flexible working time
-
Company conditions for private medical insurance
-
Ticket Restaurant
-
Professional development opportunities: English/German courses, and further IT education/trainings
-
Day off on your Birthday
-
25 days paid vacation
