Distinguished Information Security Engineer – IAM


About the role:

You are an Identity and Access Management (IAM) security professional with solution mindset and hands on security engineering expertise in IAM architecture concepts. You will be a member of the team of cybersecurity engineers at DPDHL IT Services. You will provide direction, execution guidance, propose innovative solutions and influence security of worldwide logistics company. You will collaborate with other teams like Information Security Defense, Information Security Architecture, Risk and Compliance Management to ensure end-to-end implementation of adequate security measures to IAM infrastructure and services to support the IT Services strategy to become the competitive advantage for the DPDHL Group.

What you will do:

• Turn IAM security architecture blueprints into viable technical design and implementation on all layers of IAM infrastructure, services and solutions including authorization, authentication and Account Creation/Management/Provisioning.

• Drive security enhancements and technological innovations in company-wide IAM and Privileged Access. Management (PAM) platforms and processes.

• Promote modern human and machine access control approaches including usage of Multifactor Authentication (MFA), Single-Sign-On (SSO) and Federated Identities.

• Produce security documentation and process flows around IAM as well as participate in security audits.

• Play a vital role as a security visionary and technology guru.

• Assist in the planning, design and development of go-to-production solutions.

• Support projects and business as usual in secure delivery of digital business services.

• Develop and enforce security best practices, company-wide plans and standards.

• Proactively anticipate network or system vulnerabilities and propose how to deal with them.

• Stay up-to-date on the latest security threats and the technology being developed to deal with them.

• Actively investigate on new technologies and facilitate onboarding of next generation of enterprise security architecture and technologies.

• Supervise tests of digital infrastructure for vulnerabilities.

• Ensure proof of concepts of new security technologies addressing emerging threats.

• Support investigation of security-related issues after they happen.

• Supervise preparation and review of security documentation as well as participate in security audits.

• Explore the “art of the possible” to propose the solutions that effectively address the security issues.

• Coordinate collaboration with external service providers.

• Apply industry standard methodologies and frameworks.

You should have:

• Experience in IAM security solution design.

• Excellent working knowledge of current security standards and protocols, including but not limited to SAML, SPML, XACML, SCIM, OpenID 0Auth, SSO and LDAP.

• Experience using cloud-based identity models.

• Experience with IAM solutions within Microsoft Azure, Amazon Web Services (AWS) and/or other cloud providers.

• Knowledge of federation concepts and technologies, e.g. ADFS and Ping Identity.

• Understanding of IAM market capabilities and challenges.

• Some knowledge of scripting languages (vbscript, powershell, perl, javascript, python, etc.).

• Experience with working in international company.

• Strong knowledge of current and legacy security technologies, as well as, emerging technologies and IT trends.

• Background and knowledge of risk assessment technologies and methods.

• Some understanding of security breach protocols and attack vectors..

• Knowledge of cybersecurity best practices.

• Verbal and written communication skills.

• Excellent English and proficient presentation skills.

• Industry recognized security certification and/or relevant vendor certification is an advantage.

What we offer:

• Great multinational team of information security professionals.

• On-going professional and technical trainings and certifications.

• Modern offices in Chodov.

• Home office possibilities

• Permanent contract

• Company Car, Pension plan contribution, Long-term Sickness Insurance

• CAFETERIA employee benefit program with wide selection of benefits from Edenred

• Extra week of holiday (25 days/year), 6 Self-sickness days/year, Full salary compensation for up to 10 days absence due to illness per calendar year, Lunch vouchers fully covered by company

• Multisport card, mobile and laptop, fruit days, sport clubs for employees, Referral program……


Lukáš Mandžikievič
Lukáš Mandžikievič
Recruitment Lead
DHL Information Services (Europe) s.r.o.

V DHL ITS jsem zodpovědný za nábor seniorních pozic a také pozic v oddělení Digital Lab, zabývám se také dalšími úzce specializovanými pozicemi.

Víte o někom, kdo by měl o pozici zájem? Sdílejte!