**Ready to digitalise retail?** **Let's Go!** ============================================= **Senior Software Engineer \- Security Governance Engineer \- IAM (m/f/d)** =========================================================================== We are looking for people who are passionate about technology and are excited to create the best experience for our customers. People who want to make an impact. We are looking for people like you. **Let's Go!** ### **Your tasks** **Identity and Access Management (IAM) Security Governance Engineer** As an Identity and Access Management (IAM) Security Governance Engineer, you will be responsible for the governance, oversight, and continuous improvement of MMS’s IAM landscape, with a strong focus on secure access governance across platforms, products, and countries. You will define and own access management policies and frameworks, ensure their consistent implementation, and support both technical IAM teams and business stakeholders in implementing secure identity and access controls. You will work closely with Cybersecurity, IAM, Cloud Governance, product teams and application/platform owners to align security governance with technical implementation, covering Authorization/Authentication, Account Creation/Management/Provisioning, and Role\-Based Security. Your role combines policy and control design, oversight, metrics and reporting, and enablement of teams to manage access securely and efficiently. **Access Governance Framework \& Oversight** Own and maintain the Access Management Policy and related governance standards. Ensure consistent implementation and enforcement of the access management policy across all platforms, products, and environments. **Cross\-Functional Coordination** Act as the single point of contact (SPOC) for platforms and product teams for all access management process–related topics. Coordinate closely with teams working on technical access management solutions (Cybersecurity, IAM, Cloud Governance, Infrastructure, etc.) to ensure that governance requirements are translated into technical controls. **Access Review \& Re\-certifications** Drive periodic user access reviews, entitlement recertifications, and access reporting across systems and applications. Partner with application and platform owners to define the scope, frequency and depth of access reviews. **Access Risk Management \& Metrics** Identify applications, platforms and products that are non\-compliant with the Access Management Policy and other IAM\-related standards. Work with relevant owners to track, manage, and report access\-related risks, violations, and control gaps. **Continuous Improvement \& Enablement** Support the IAM tool projects (e.g. implementation, enhancement or migration of IAM solutions) from a governance and requirements perspective. Provide guidance, enablement and training to application owners, platform teams and business stakeholders on implementing secure access practices and meeting governance requirements. **Technical \& Security Responsibilities** Support the definition and governance of sign\-on solutions utilizing technologies such as SAML2, OAuth2, LDAP and Active Directory in alignment with MMS security standards. Collaborate with the technical IAM team on the secure design and hardening of IAM software and systems, ensuring that governance policies are technically enforceable. ### **Your profile** * Demonstrable experience within a comparable role in IAM, security governance, or access management, ideally with both administrative and security/governance experience. * Strong knowledge of IAM software, systems and concepts, including role\-based security, access governance, and related processes. * Security knowledge of hardening IAM software and systems, as well as understanding of identity and access risks and controls. * Experience with SSO implementation, IAM setup and OAuth configuration, and familiarity with standards and protocols including but not limited to SAML, OAuth, SSO and LDAP. * Experience using cloud\-based identity models and integrating cloud services into an enterprise IAM / access governance framework. * Ability to manage client and stakeholder relationships, ensuring quality of delivery and offering expert advice across Cyber Security, IAM, and access governance topics. * Proven ability to produce clear documentation, process flows, policies and standards around IAM and access management. * Experience working on or with enterprise platform teams that support multiple software development product teams. **Desired Skills** * Display enthusiasm and genuine interest in Information Security and IAM, with the ability to draw recommendations based on real\-world experience. * 5\+ years’ experience in IAM Security and/or Access Governance, including experience with security principles, role\-based security and least\-privilege access concepts. * Bachelor’s degree in a relevant field (e.g. Computer Science, Information Security) or equivalent work experience. * Hands\-on experience designing, building, deploying, and/or administering IAM software and hardware, and/or access governance solutions (e.g. access review tooling, IAM/IAG platforms). * Strong understanding of concepts related to least privilege, access management, roles and privileges, and segregation of duties. * Ability to communicate and collaborate effectively with other team members and stakeholders in a geographically and culturally diverse workforce. * Strong sense of professionalism, integrity and ethics, with a risk\- and control\-oriented mindset. ### **What's in it for you?** * **Young environment**, where not everything is written in stone, and where you are expected to contribute and co\-create the culture of the Tech Hub and **international collaboration model**. * You'll have a **10% discount** on the entire **MediaMarkt website**, so you can treat yourself at a lower price whenever you want! * On top of your **compensation package**, you can request Flexible Pay “MediaFlex program” (a.e. Ticket Restaurant, Private Health Insurance with Adeslas…) * **Flexible working** time and possibility to combine home office / presential working. **Intensive workday** every Friday and during summer. * The possibility to choose between **2 offices**: The first one is the **MediaMarkt Iberia HQ** with a very attractive menu at a price. You'll eat for less than €4! And the second office is located at **Pier01, in Barceloneta**, right in the center of Barcelona. Free coffee and free fruit once a week. * There is a **training budget** so you can continue developing the skills you need most to keep growing professionally and personally! * We **offer language classes**: **English, Spanish, and German.** * **On your birthday****, you won't work**! It's a day for you to enjoy without thinking about work. * You'll be working with the most **cutting\-edge technological stack** of the moment. * Training plan * Flexible working schedule, home office policy * Gym * Product discounts * Wellness and healthy plans * Media Flex, flexible retribution ### **About us** ### **Your HR contact** ***Angela Paredes***