Skip to main content

Senior Security Engineer IAM (m/w/d)

Ismaning
Full-time
Permanent employee

Cultural Fit

Your heart beats for identity and access management, and you're driven by the mission to minimize digital risks and build trust? You enjoy turning complex security requirements into practical, actionable controls? A supportive culture, strong teamwork, and continuous development matter just as much to you as technical expertise? Then welcome to AND-E!

How you'll make an impact

  • Own IAM strategy across Entra ID and Active Directory
  • Manage conditional access, PIM/PAM, and identity lifecycle governance
  • Develop identity-centric detections and threat-hunting workflows, analyzing Entra ID logs and privilege escalation paths in alignment with the SOC
  • Partner with Infrastructure, Client Services, and Cloud Admin teams to review and implement controls across endpoint, email, network, and cloud environments
  • Act as internal advisor for Splunk Cloud SIEM and Cribl Stream/Edge, partnering with the MSSP on detection engineering and optimization
  • Oversee vulnerability management and quality-assure penetration tests
  • Serve as senior escalation point for complex SOC investigations
  • Mentor SOC analysts and junior engineers
  • Contribute to the long-term security roadmap
  • Keep leadership informed on risks and developments and maintain clear architecture and process documentation

What it takes to succeed in this role

  • Bachelor's degree in IT Security, Cyber Security, or comparable qualification (or equivalent practical experience)
  • 5+ years in IT security engineering or operations, with significant hands-on IAM responsibility
  • Deep expertise in Entra ID, Active Directory, MFA/passwordless, SSO protocols (SAML, OIDC, SCIM), and identity governance
  • Strong foundation in zero-trust architecture and frameworks such as NIST, ISO 27001, or MITRE ATT&CK
  • Working knowledge of Splunk Cloud SIEM, CyberArk, SailPoint IdentityIQ,and Cribl Stream/Edge
  • Familiarity with AWS, Proofpoint, and Zscaler/Cisco/FortiGate
  • Proficiency in PowerShell, Python, or Microsoft Graph API
  • Very good English communication skills (German desirable)
  • Certifications such as Microsoft SC-300, SC-100, AZ-500, CISSP, CIDPRO, AWS Security Specialty, GIAC (GCIH, GCIA, GCFA), or Splunk/Cribl are considered a plus

Why join us?

  • Growth is important to us, that’s why we support your personal and professional development
  • A working environment based on trust, encouragement and constructive feedback
  • Collaboration with people from different countries and cultures
  • 32 days annual leave plus 2 days off
  • Flexible working hours and home office policy (approx. 60% possible)
  • Attractive employee conditions for car insurance
  • Exceptional company benefits: Employer subsidy for occupational pension scheme and disability pension, supplementary company health insurance, capital-forming benefits
  • Optional: Job ticket, car parking spaces, monthly travel allowance
  • EGYM Wellpass
  • Financial subsidy as a small wish-fulfiller
  • Free coffee, tea, water and weekly fruit delivery
  • Health management and pme family service

About us

At AND-E, we're redefining the future of mobility insurance. As part of the global MS&AD Group and in close partnership with Toyota, we aim to make tomorrow's journeys simpler, safer, and smarter. Our expertise spans over 30 markets in Europe and South Africa, providing tailored insurance solutions for Toyota and Lexus customers and various white-label partners. In Germany, our offerings include motor insurance, commercial fleet coverage, payment protection insurance, and support for Japanese businesses operating abroad.  

Our commitment extends beyond business: at AND-E we support our people to grow, make a difference for customers, and help shape the future of connected mobility protection.