About Us
At FDJ UNITED, we don't just follow the game, we reinvent it. FDJ UNITED is one of Europe’s leading betting and gaming operators, with a vast portfolio of iconic brands and a reputation for technological excellence. With more than 5,000 employees and a presence in around fifteen regulated markets, the Group offers a diversified, responsible range of games, both under exclusive rights and open to competition. We set new standards, proving that entertainment and safety can go hand in hand. Here, you’ll work alongside a team of passionate individuals dedicated to delivering the best and safest entertaining experiences for our customers every day.
We’re looking for bold people who are eager to succeed and ready to level-up the game. If you thrive on innovation, embrace challenges, and want to make a real impact at all levels, FDJ UNITED is your playing field. Join us in shaping the future of gaming. Are you ready to LEVEL-UP THE GAME?
About the Role
As a Senior IT System Engineer - Identity Specialist, you will be responsible for the strategic ownership, design, and development of our corporate identity solutions using Microsoft Entra. This role requires profound expertise in identity and access management (IAM) principles and mandates a leadership role in shaping and securing our identity solutions in alignment with our company's Zero-Trust security framework.
Responsibilities
- Own a domain as the subject matter expert, staying up to date on new trends and capabilities within the supporting tools and incorporating relevant changes into our Corporate IT roadmap
- Collaborate with other Corporate IT senior engineers, solution architects, domain experts and Helpdesk staff to test, deploy, communicate and support end-user-impacting changes into our Corporate IT
- Coordinate medium to large scale corporate IT projects, defining business requirements, designing technical solutions and coordinating a squad of L2 Engineers for its implementation, testing, global deployment and maintenance
- Work autonomously to translate business requirements into technical solutions, leveraging our existing ecosystem and licenses wherever possible
- Automate tasks or empower end users with self-service capabilities, in line with our security policies, to reduce maintenance and support overhead across the team
- Oversee the definition and maintenance of our documentation corpus, both technical and end-user oriented, to facilitate maintenance and troubleshooting tasks.
- Design, implement and maintain Corporate IT services in the following areas:
  - Identity & Access Management: Manage company identities within Microsoft Entra, encompassing employee identities and service accounts to ensure secure and efficient access control.
  - Conditional Access Policies: Develop and maintain Conditional Access Policies in accordance with Zero-Trust principles, such as enforcing phishing-resistant authentication mechanisms, requiring compliant devices, blocking legacy protocols, etc.
  - Permissions Management: Discover, remediate and monitor permission risks for our corporate identities and resources, including in third-party cloud environments.
  - Privileged Access Management: Implement and maintain PAM and Secrets management solutions, such as providing just-in-time access to critical resources, secure remote access using secure gateways, automated secret rotation, monitoring of privileged sessions, etc.
  - IAM Solutions: Implement and manage the Identity and Access Management solutions within Microsoft Entra. Responsibilities include identity governance (joiner, mover, leaver processes), role mining, access recertification campaigns, and creating Access packages.
  - B2B Security: Define and maintain secure B2B trust relationships with partners, ensuring robust security protocols are in place and adhered to.
  - Workload Identities: Develop and secure Workload identities, tailoring security measures to meet specific operational needs.
  - Modern Authentication Technologies: Maintain modern authentication technologies, such as Windows Hello for Business, Certificate-Based Authentication, and Passwordless phone sign-in.
  - SSO and automated provisioning for Corporate Apps: Integrate and maintain corporate applications in Entra Single Sign-On (SSO) systems, setting up SCIM and ensuring seamless access across platforms according to policies.
- Ensure that you adhere to the Governance, Risk & Compliance (GRC) obligations for your role.
- Identify and raise any non-compliance incidents promptly to your line manager.
- Challenge processes, policies and projects that will negatively impact compliance within the Group.
- Complete all mandatory compliance training assigned to you.
- Reach out to the Compliance Teams if unsure of any of your compliance obligations or the requirements are unclear.
Desired
Extended knowledge in at least one of the following domains in order to support and back up other Senior IT engineers in those respective areas: Endpoint management, Application & Data Management, Infrastructure & Corporate Network.
As an "Endpoint" specialist:
- Endpoint Security Baselines: Define, implement, and maintain security baselines for all company endpoints, including Windows laptops, MacBooks, company iPhones, and Android phones, following industry best practices.
- Modern Endpoint Login Capabilities: Deploy and maintain modern endpoint login capabilities, such as Windows Hello for Business and Certificate-Based Authentication, both locally and through remote login methods like RDP.
- EDR Solution Management: Work with the internal SOC to fine-tune our Microsoft Defender EDR solution, leveraging all available hardening capabilities on each platform.
- Browser Policy Management: Define and implement browser policies that balance usability and security.
- Local Admin Policies: Implement policies ensuring that high privilege access is managed with just-in-time and just-enough access principles, using Microsoft LAPS and endpoint privilege management tools.
- Device Management: Define, deploy, and maintain modern device management, configuration, and compliance policies using Microsoft Intune.
- Patching Management: Define and maintain patching management capabilities for macOS and Windows, focusing on automation wherever possible.
- Corporate Apps Deployment: Deploy and maintain up-to-date corporate applications to our Mac and Windows endpoints.
- Asset Inventory Maintenance: Maintain our asset inventory, recording all corporate IT assets from purchase to decommissioning.
- Automatic Provisioning: Deploy and maintain automatic provisioning systems to provide an excellent out-of-box experience for employees, leveraging zero-touch and platform-specific capabilities such as Autopilot.
- Maintaining expertise: Continuously stay up to date on new Intune capabilities and work on implementing Microsoft recommended practices to improve our Secure Score in the Endpoint area.
- Remote Assistance: Deploy and maintain remote assistance capabilities across our fleet to support Helpdesk staff in assisting employees regardless of their location.
As an "Applications & Data management" specialist:
- Data Lifecycle and Retention Policies: Define, implement, and maintain data labelling and retention policies based on business requirements.
- Data Protection Templates: Develop and maintain data protection templates aligned with the company's Information Classification policies, tailored to fit main business use cases around data sharing and processing.