Identity and Access Management (IAM) Consultant

Job Description & Summary

About the Team:

We help integrate security elements efficiently and reliably into the technological units of the client's business. We provide assurance that any changes affecting the IT environment will be fundamentally safe and allow a quick return on the client's investment. The team, which focuses on identities, privileged access management, and cloud security, is part of our broader Cyber Security team.

About the Manager:

Martin Zbořil is a leader of the Identity and Cloud Security team and his major experience lies in cloud security. Within this area, Martin also finished his PhD study. Besides cloud security, he has extensive knowledge also of many other areas of cybersecurity. Martin builds a cross-functional team that includes the IAM area and cloud security with a strong focus on protection of data in the cloud. Martin pays great attention to upskilling and personal development which might be considered also as his hobby. In his personal life, he is a sports enthusiast and among his favorite sports belong football, golf, skiing, gym, cycling, tennis and many others. 

Job description & summary

As an IAM Consultant, you will leverage your consulting expertise to help clients design, implement, and optimize Identity and Access Management (IAM) solutions, including Privileged Access Management (PAM). You will work closely with clients to understand their security needs, develop tailored IAM strategies, and ensure seamless integration with their existing IT environments. Your role will involve conducting assessments, advising on best practices, and leading the implementation of IAM frameworks that enhance security, compliance, and operational efficiency. This position demands strong interpersonal and communication skills, as you will frequently interact with stakeholders across various industries to provide strategic IAM insights and solutions.

Requirements of the role:

We do not expect that you will master all of this but we value your interest and desire to develop in the following areas. 

• Strong consulting and advisory skills, capable of understanding and addressing clients’ needs.

• Understanding of Identity and Access Management (IAM) principles, frameworks, and best practices.

• Experience or familiarity with Privileged Access Management (PAM) tools and strategies.

• Knowledge of identity lifecycle management, including user provisioning, de-provisioning, and role management.

• Ability to analyze security risks related to identity and access, and propose effective mitigation strategies.

• Understanding of role-based access control (RBAC), multi-factor authentication (MFA), and single sign-on (SSO) implementations.

• Interest in working on security compliance projects related to IAM.

• Experience or interest in leading workshops, trainings, or presentations for clients.

• Desire to work collaboratively with IT teams to implement IAM and PAM solutions.

• Consistent, reliable, and professional personality with a sense of ownership, capable of working within international & diverse teams.

• Excellent interpersonal, verbal, and written skills: ability to clearly and concisely articulate issues, alternatives, and recommendations.

• Proficiency in Czech and English languages.

Your advantages could be:

• Knowledge or even experience with Microsoft Entra ID is a significant advantage. 

• Project management skills - leading projects from design through to implementation.

• Certifications such as CISSP, CISM, or vendor-specific IAM certifications (e.g., from Okta, SailPoint, CyberArk, etc.).

• Knowledge of security protocols such as OAuth, Kerberos, LDAP, SAML, OpenID Connect, etc.

• Familiarity with industry standards and frameworks such as GDPR, CCPA, ISO 27001, and NIST.

• Experience with CyberArk, SailPoint and other technologies in the area of Privileged Access Management and Identity Access Management.

• Experience with integrating IAM solutions in multi-cloud environments (AWS, Azure, GCP).

• Experience with key management. 

• Familiarity with API security, OAuth, OpenID Connect, and SAML for secure identity federation.

• Understanding of Zero Trust architecture and its implementation in IAM solutions.

• Proficiency in German language.

What we are offering:

• Concentrated experience and rapid career growth. It may sound like a platitude, but it really is.

• Paid time off 20 + 5 days, 3 wellbeing days and 2 extra days off from the company at the end of the year.

• High-end Ultrabook and iPhone with unlimited data.

• Possible work from home-office.

• Benefit program with 45.000 points that you can use for holidays, education, food vouchers, sports (Multisport), health... Simply on what you enjoy. 

• Support for your education and development: business and digital trainings, technical certifications (e.g. SANS) or whatever that makes sense and it's related to your job etc..

• Possibility of Secondments - opportunity to work at a foreign PwC office in the future - for example in the USA, Canada, Germany etc..

• Extra-work activities and Away Days (team building, ski weekend, etc..)

• Regular feedback on your work, also consultation with a coach with whom you can address your further development and career direction.

• Buddy system and regular feedback on your work, also consultation with a coach with whom you can address your further development and career direction.

PwC is the largest audit team in the Czech Republic, law, tax, consulting and technology, data or forensic teams. Find out how easy it is to combine this knowledge when you're in the right place. With us, you will get the opportunity to see how business is done in large companies. We are part of an international network of companies with more than 364,000 colleagues in 151 countries. At PwC, we create an inclusive work environment where everyone can be themselves and find their place and opportunity to develop.

Are you interested in our offer? Let us know about yourself and we will discuss more details together!

Ochrana osobních údajů pro žadatele o zaměstnání  / Privacy Statement for Recruitment Applicants

#LI-EK1