Senior Identity and Access Management Engineer

Hybrid - Full Time - Information Security Department

Kazakhstan

Application ID: 6628

We are looking for a Senior IAM/PAM Engineer with strong PAM expertise and hands-on experience working with vendor platforms, including SailPoint.
The role combines both engineering and analytical responsibilities: building and enhancing connectors and scripts, designing and maintaining RBAC/ABAC models, automating JML processes, configuring access policies and certification campaigns, and driving IAM process maturity in line with Zero Trust principles.
We expect a mature, autonomous senior professional who can independently own solutions, improve processes, and act as a trusted expert in collaboration with business stakeholders and vendors.

Apply for this position

Key Responsibilities

Design, deploy, and manage IAM/IGA/PAM solutions;
Build and fine-tune system connectors using IAM/IGA/PAM solutions;
Integrate identity data sources such as HR and ITSM systems;
Manage and fine-tune identity lifecycle processes: Joiner, Mover, Leaver (JML);
Automate access provisioning and deprovisioning across using APIs, SCIM, or middleware;
Configure access reviews, certification campaigns, and policy enforcement;
Collaborate with IT support, infrastructure, HR, and system owner teams to align IAM processes with security standards;
Support Zero Trust implementation and develop robust RBAC/ABAC models;
Investigate IAM-related incidents, ensure audit readiness (SOX, GDPR, ISO 27001, NIST);
Maintain documentation for IAM architecture, processes, and controls.

Skills, Knowledge and Expertise

Must-Have:
4–6+ years of experience in IAM / PAM / Information Security;

Proven hands-on experience with IAM/IGA solutions:
- Source configuration, policy setup, provisioning rules.
- Identity correlation, transformation rules, and workflows.
- Certification campaigns and access governance.
Knowledge of Google Workspace, GCP IAM, AWS IAM and Jira cloud;
Knowledge of IAM protocols: SAML, SCIM, OAuth 2.0, OpenID Connect;
Hands-on experience with building global RBAC/ABAC access models and their maintenance;
Working knowledge of Zero Trust, least privilege, and JIT provisioning principles;
Proficiency in scripting or programming (e.g., Python, PowerShell, Java, REST APIs);
Experience with Git and IAM process automation;
English proficiency: Upper-Intermediate (B2) or higher.

Nice to Have:

Experience integrating with HR and ITSM systems;
Experience integrating finance systems (e.g., Netsuite, ZIP, Yokoy);
Experience with IAM/IGA systems (e.g., Sailpoint, Okta, One Identity);
Experience with PAM systems (e.g., Teleport, Boundary, CyberArk)
Experience migrating from legacy IAM systems to cloud-native platforms;
Relevant certifications CISSP / CIMP / Azure / Okta / AWS / Sailpoint certifications.

Conditions & Benefits

Stable salary, official employment
Health insurance
Hybrid work mode and flexile schedule
Relocation package offered for candidates from other regions
Access to professional counseling services including psychological, financial, and legal support
Discount club membership
Diverse internal training programs
Partially or fully payed additional training courses
All necessary work equipment

Interested? Fill out the form below!

First name ^* Last name ^* Email ^*

Upload your CV ^*

Select File (max 5MB)

Additional info (optional)

Visit our Applicant Privacy Notice to learn how we collect, use, and share personal information.

Please take a moment to answer a few quick questions. Your input helps us understand how people discover inDrive and improve how we connect with future talent.

Are you willing to relocate for this role? *

Have you previously been employed by inDrive?

I confirm that I do not reside in or perform work from any of the following locations: Russia, Crimea region, So-Called Donetsk People’s Republic and Luhansk People’s Republic, Zaporizhzhia and Kherson regions, Belarus, Cuba, Iran, North Korea, Syria. *

Please specify what your different form of work authorization is *

What is your current location (City, State/Province, Country)? *

What is your desired salary range (in USD as net annual)? *

What is your legal right to work in the job's location? *

What type of employment are you open to? *

Thanks for applying and for your interest in inDrive!

We appreciate the time and energy you put into this process. Our team will carefully review your application, and if you’re selected for the next round, we’ll be in touch.

While we’d love to respond to everyone, the volume of applications we receive makes it challenging. But we truly appreciate you choosing to ignite your inner drive with us!

In the meantime, stay connected! Follow us on LinkedIn, Instagram, and Facebook to keep up with the latest inDrive updates and stories.