IAM / IDAM Security Engineer | Brussels (Hybrid)
Join a global financial market infrastructure and take ownership of critical identity systems that protect some of the world's most sensitive data.
Make sure to apply quickly in order to maximise your chances of being considered for an interview Read the complete job description below.
About the role
You'll be joining the Identity & Access Management team inside a large, security-driven organisation operating at the heart of global financial markets. IDAM is responsible for implementing, operating and continuously improving all access control across an extensive, heavily regulated IT infrastructure — ensuring every user has the right access, at the right time, for the right reasons.
The team covers access management, user lifecycle management, privileged access management, recertification, and both delivery and advisory services. As an IAM/IDAM Security Engineer, you will own meaningful parts of this infrastructure — engineering, automating and securing identity systems at scale.
What you'll do
* Design, implement and maintain IAM solutions and automation workflows that reduce manual effort and enforce security policy
* Act as a senior escalation point (3rd line) for identity infrastructure — troubleshoot complex issues across systems, connectors and integrations
* Develop and maintain architectural documents, technical diagrams, process flows and system configurations
* Conduct security assessments and risk analysis; recommend and implement remediation controls
* Collaborate with IT ops, network security, compliance and application teams to align identity initiatives with regulatory requirements
* Onboard application teams to identity and secrets management services; maintain customer guides and operational runbooks
* Transfer knowledge to 2nd-line support and operations; mentor team members
* Contribute to on-call rotation and business continuity activities
What you bring
* 3–5+ years of hands-on IAM/IDAM engineering experience in an enterprise environment
* Strong Active Directory and LDAP knowledge — administration, delegation, group strategy, authentication concepts
* Experience with one or more core IAM platforms: SailPoint IdentityIQ, HashiCorp Vault Enterprise, or equivalent xsgtzvk
* Scripting and automation skills — advanced PowerShell and/or infrastructure-as-code tooling (Terraform, Ansible)
* Familiarity with PAM and SIEM integrations
* Knowledge of Windows and/or Linux server environments (RHEL a plus)
* Agile/Scrum experience in cross-functional, multicultural teams
* Strong communicator — able to translate technical risk to both technical and non-technical audiences
Technical depth valued:
SailPoint IIQ · HashiCorp Vault Enterprise · PowerShell · Terraform · Ansible/AWX · Active Directory · CyberArk · RHEL · Splunk · SQL · Power BI · Jenkins · ELK Stack · ServiceNow · Azure DevOps
Location: Brussels — minimum 2 days on-site per week