Location: ES Professional Profile: Cybersecurity Required Experience: Position Modality: Hybrid ### **This is the challenge** At **IndraMind**, we know that talent is key to driving change and building a safer digital future. If you're ready to take on new challenges, lead high-performance teams, and contribute your expertise in identity and access management, this is the place for you. Join our team as an **EntraID/AD Administrator** and become part of a continuous transformation, where your technical knowledge and strategic vision will be essential to ensure security, consistency, and efficiency in identity management within hybrid and cloud environments. ### **About the team** Being part of the Identity and Access team at **IndraMind** means working at the core of secure user management, privileged accounts, and critical access in large organizations. We are responsible for defining, implementing, and operating identity models that guarantee control, traceability, and governance of access in complex environments. From directory and federation administration to automation of life cycles and exception management, our team drives the protection of digital identities and alignment with the highest corporate security standards. If you are passionate about technical challenges, innovation in identity models, and continuous improvement of IAM processes, at **IndraMind** you will find an environment where your impact will be key to the security of our clients. ### **Reasons to join IndraMind** At **IndraMind**, we work so our professionals can achieve the perfect balance between their personal and professional lives. That’s why we offer: **Human and challenging environment** An exceptional team where you can collaborate with specialized professionals who are always up to date, in an environment that fosters innovation, respect, and collective growth. Unique and challenging projects with cutting-edge technologies, where your leadership and experience will be central. **Work-life balance and flexibility** Adapted work models: 100% remote or hybrid, depending on the role. Flexible working hours. 32 working days of annual leave. Summer reduced hours and every Friday. **Professional Development** Personalized career plans that will allow you to reach your full potential. Continuous training with free access to UDEMY and technical certifications. **Competitive Conditions** Permanent contract and compensation aligned with your experience and profile. Life insurance. Access to flexible compensation plans: meal card, childcare, transportation, and private health insurance. **Comprehensive Well-being** Well-being program: access to a network of gyms, medical check-ups, office physiotherapy, health workshops, and online telemedicine services. ### **What you will do with us** * Design and implement the **lifecycle and governance of service accounts**, including provisioning, ownership assignment, and certification processes. * Define and integrate a consistent **infrastructure identity model**, aligned with **PAM (Privileged Access Management)** and **SailPoint** solutions. * Develop and maintain a **centralized exception governance portal**, including certifications and automated processes. * Ensure consistency between access policies, RBAC roles, permission delegation, and hardening practices in hybrid environments. * Collaborate with security, infrastructure, and cloud teams to align identity management with corporate policies and security regulations. * Participate in the definition of technical controls and bastion processes in on-premises and cloud environments. ### **What we are looking for in you to be part of this transformation** * Active Directory (mandatory): user, group, OU management, FSMO roles, permission delegation, GPOs. * Securing environments according to bastion policies. * Installation, updating, and maintenance of agents, as well as onboarding of new environments. * PowerShell (automation and scripting). * Experience with **ADConnect** and **Azure Entra ID** (highly desirable). * Application registration and integration (SAML, OIDC, SCIM). * Administration of conditional access policies, MFA, and PIM. * Management of RBAC roles and permission delegation. * Administration of the **ADDS** service, **B2C** tenants, and hybrid identity solutions. * Defender for Identity, Identity Protection, and Password Protection. * Knowledge of **federation and secure authentication**: Kerberos, LDAP, SAML, OpenID Connect, OAuth. * Management of authorization models (RBAC) and privileged groups both on-premises and in public cloud (Azure). * Experience integrating with identity repositories (Azure AD, ADDS, B2C, B2B). **Valued education and certifications:** * Degree in Computer Engineering, Telecommunications, or similar. * Desired certifications: **Microsoft Entra ID**, **Azure Administrator Associate**, **Identity and Access Administrator Associate**, **ITIL**, **CISSP**, or equivalents. ### **IndraMind, Beyond diversity** Our commitment is to promote work environments where people are treated with respect and dignity, fostering professional development, and ensuring equal opportunities in recruitment, training, and promotion, offering a workplace free from any discrimination based on gender, age, disability, sexual orientation, gender identity or expression, religion, ethnicity, marital status, or any other personal or social circumstance.