Swissport – Job Description

Job title Senior Identity & Access Management (IAM) Engineer

Business area (e.g. Group, Division, Function) IT

Reports to (Job Title) IT Service Delivery Manager – Workplace and Datacentre Services

Number of direct reports (Minimum) None

Overall Job Purpose

This is a genuinely senior, hands-on IAM role. If your experience is limited to BAU ticket queues, access requests, or following runbooks written by someone else, this role is not for you. You will own IAM as a technical discipline, defining standards, not afraid to ask tough question and challenge the status quo, driving automation, security, and resilience across a complex enterprise environment. This Role Is Not  A first “step up” into seniority  A pure operations or access-request role  A position where requirements are handed to you fully formed  A role where poor design is accepted because “that’s how it’s always

been”

What Will Make You Stand Out

 Experience implementing IGA or PAM solutions in anger  Track record of reducing manual access, not increasing headcount  Ability to challenge stakeholders while staying credible and pragmatic  Clear evidence you’ve improved security and user experience

What You’ll Get

 The autonomy to design and fix IAM properly  Support to modernise and automate, not just maintain  A role where your decisions matter and are visible  If you’re uncomfortable being accountable, making technical decisions, or

being challenged on your designs — this won’t be a good fit.  If you are the person everyone already goes to when identity breaks, we

want to talk to you.

2

Key Accountabilities

 Acting as the technical authority for IAM, decisions, designs, and outcomes sit with you

 Designing and implementing IAM solutions end-to-end (not just operating them)

 Defining “what good looks like” for identity lifecycle, access governance, and authentication

 Ensure robust privilege access across our IDP's  Building and improving Joiner-Mover-Leaver processes with automation

as the default  Designing and enforcing RBAC / least-privilege models that scale  Owning Conditional Access, MFA strategy, and identity security posture  Leading access reviews, audit responses, and remediation, not being led

through them  Diagnosing complex identity failures across hybrid, cloud, and SaaS

platforms  Producing architecture, standards, and documentation that others can

follow  Coaching junior engineers and raising the bar across the team

Key relationships

Internal  Wider technical infrastructure team  CISO  Service and Application Owners  IT Service Delivery Manager – Workplace and Datacentre Services  CTO External  Modern Workplace Supplier  Internal and External Audit teams

Person specification

Core skills & competencies  You should already be comfortable designing, renewing, and fixing IAM

systems.  Strong, hands-on experience with enterprise IAM platforms  (Entra ID / Azure AD, Active Directory, OneID, or equivalent) Expertise & knowledge  Authentication vs authorisation (and when each goes wrong)  SSO, federation, tokens, and identity flows  MFA, Conditional Access, and identity threat mitigation Technology  Microsoft best practices in modern Identity management  Core certified technology skills (essential)

Qualifications  Good level of IT literacy and proficiency in a broad range of areas  ITIL

Date created (month- year)

February 2026

Created by (name) Michael Sharp