We are seeking an experienced Senior IAM / Entra ID Specialist to join our security team and take ownership of identity and access management across cloud and hybrid environments. The role sits at the intersection of governance, platform engineering and operations: you will design, implement and run secure identity solutions that enable business agility while meeting regulatory and compliance needs.

Key responsibilities

• Lead the design, implementation and operationalisation of Entra ID (Azure AD) based identity solutions, including tenant configuration, hybrid identity, B2B/B2C scenarios and conditional access.

• Define and maintain access governance: role modelling, RBAC and ABAC patterns, access reviews, entitlement management and privileged access controls (JIT/JEA).

• Implement and manage secure authentication and federation: SAML, OAuth2, OpenID Connect, and integration with on-prem Active Directory or federation services where required.

• Develop and maintain automation and infrastructure-as-code for IAM (Terraform, ARM/Bicep, GitOps), plus scripts and runbooks (PowerShell, Python) to enable reliable, repeatable operations.

• Work with platform, cloud and application teams to embed secure identity practices into deployments, ensuring least privilege and separation of duties are enforced.

• Define and enforce IAM policies, conditional access strategies, device and identity protection (Microsoft Defender for Identity / Entra ID Protection) and monitoring/alerting for suspicious activity.

• Manage third-party and supplier access, defining security requirements, onboarding processes and periodic review workflows.

• Contribute to the organisation’s ISMS and compliance activities (ISO 27001, NIS2-relevant controls), providing artefacts, evidence and technical guidance for audits.

• Provide mentoring and knowledge transfer across the organisation, including documentation of policies, procedures and runbooks.

• Participate in incident response for identity-related events and support on-call rotations as required.

Who we are looking for

• Proven experience designing and operating Entra ID / Azure AD at scale in commercial or regulated environments.

• Deep knowledge of IAM concepts and technologies: RBAC, ABAC, Privileged Access Management, JIT/JEA, entitlement management and access review processes.

• Hands-on experience with federation and authentication protocols (SAML, OAuth2, OIDC) and integration with on-prem Active Directory or ADFS.

• Strong automation skills using PowerShell and at least one scripting or programming language (Python preferred).

• Experience with infrastructure-as-code and GitOps workflows (Terraform, ARM, Bicep, GitHub Actions, Azure DevOps).

• Familiarity with Microsoft security tooling (Defender suite, Sentinel) and log/monitoring practices for identity telemetry.

• Understanding of governance, risk and compliance frameworks (ISO 27001, NIS2 or equivalent) and supplier security management.

• Excellent communication skills and the ability to collaborate with technical and non-technical stakeholders.

• Fluency in English is required. Proficiency in Swedish is meritorious.

Personal qualities

• Self-driven and pragmatic with a hands-on mindset.

• Structured, process-oriented and comfortable producing clear documentation.

• Prestige-free team player who can teach others and work across organisational boundaries.

• Curious and committed to continuous improvement and keeping up with identity security developments.

What we offer

• Meaningful assignments where your IAM designs and decisions have direct impact on security and delivery.

• Collaborative, engineering-driven culture that values competence and long-term quality.

• Opportunities for professional development, certification support and exposure to a wide range of cloud and security projects.

• Flexible working arrangements and an environment that supports ownership and autonomy.

Technologies and tools you may work with

• Entra ID / Azure AD, Active Directory, ADFS

• Conditional Access, Intune, Defender for Cloud/Identity, Microsoft Sentinel

• Terraform, ARM, Bicep, GitOps pipelines (GitHub Actions, Azure DevOps)

• PowerShell, Python

• SSO protocols: SAML, OAuth2, OpenID Connect

Why Yora

• Modern technology within AI, cloud, and security
  Environments where quality and precision are prioritized over speed
  Solutions where security and robustness are critical