IAM Architect – User Provisioning & Access Control
IAM Architect – User Provisioning & Access Control
Portugal - Lisbon APLICAR AHORAJoin our team at AMGEN Capability Center Portugal, the #1 company in Best Workplaces™(201–500 employees' category) in Portugal in 2024 by the Great Place to Work Institute. With over 500talented individuals from more than 40 nationalities, our Lisbon center thrives at the intersection of innovation, excellence, and inspiration. This is your opportunity to explore the future of healthcare through technology and digital innovation, supporting our mission To Serve Patients.
IAM ARCHITECT – USER PROVISIONING & ACCESS CONTROL
At AMGEN, Technology isn’t just a support function—it’s a catalyst for discovery, transformation, and real-world impact. Here, your ideas fuel innovation that improves and saves lives of patients in dire need of our medicines.Are you ready to do meaningful work that matters?
LIVE
WHAT YOU WILL DO
As a IAM Architect – User Provisioning & Access Control at AMGEN’s Capability Center Portugal (ACCP), you will take the lead in designing and implementing robust information system architectures that support evolving business needs. Your role will involve analyzing requirements, crafting scalable architectural solutions, evaluating cutting-edge technologies, and ensuring alignment with industry standards, governance frameworks, and best practices.
You will be instrumental in building secure and scalable identity governance solutions, with a strong focus on developing and refining Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) models.
Let’s do this. Let’s change the world. In this vital role you will:
Design and implement comprehensive identity provisioning workflows for users, systems, and applications
Develop standardized models to support joiner/mover/leaver processes
Ensure solutions are scalable, secure, and compliant with internal policies and external regulations
Provide technical and governance oversight across all provisioning projects, acting as the lead architect from analysis through delivery
Lead the development and continuous improvement of RBAC models, including role mining, engineering, and lifecycle management
Define and manage identity governance policies, including access reviews, certifications, and entitlement management
Integrate governance frameworks with provisioning and access control mechanisms
Manage access reviews and certifications, enforce Segregation of Duties (SoD) controls, and ensure audit readiness
Support governance reporting, compliance audits, and risk assessments
Define response and remediation procedures for identity-related issues
Collaborate with infrastructure and application teams to integrate IAM tools with enterprise systems
Automate provisioning and deprovisioning tasks using scripting and workflow tools to enhance efficiency
Provide strategic direction and technical leadership in provisioning architecture
Promote best practices in access control, least privilege, and zero trust principles
Partner with stakeholders across security, compliance, HR, and IT to align provisioning capabilities with business objectives
This position may include after-hours and on-call responsibilities
WIN
WHAT WE EXPECT OF YOU
We are all different, yet we all use our unique contributions to serve patients. The tech professional we seek is a creative problem-solver and a team player with these qualifications:
Holds a relevant degree and has deep expertise in identity provisioning across hybrid environments
Experienced in IAM architecture, including RBAC, ABAC, and policy-driven access models
Proficient in directory services (Active Directory, LDAP) and account reconciliation
Skilled in IAM tools (e.g. SailPoint, CyberArk, Okta, ForgeRock, Microsoft Entra ID) and protocols (SAML, OAuth, SCIM)
Familiar with automation scripting (PowerShell, Python) and workflow tools
Understands compliance frameworks (SOX, GxP) and has experience with audits and risk assessments
Strong communicator with excellent documentation and stakeholder management skills
Holds relevant certifications (e.g. CIAM, CISSP) and has exposure to CIEM, PAM, or IGA platforms
Experienced in cloud-based access governance (AWS, Azure, GCP)
Demonstrates strong analytical, troubleshooting, and problem-solving abilities
Available for rotational on-call duties during evenings and weekends
THRIVE
WHAT YOU CAN EXPECT OF US
As we work to develop treatments that take care of others, we also care deeply for our teammates’ well-being and growth.
Work That Matters – Build tech that accelerates scientific breakthroughs and helps patients worldwide.
Modern Tech Stack – Cloud-first, automation-focused, AI-powered.
Global Scale, Agile Mindset – Collaborate across continents while working in nimble, high-impact teams.
Continuous Learning – Access to certifications, trainings, mentorship, and career mobility.
AMGEN Total Rewards Plan – Comprehensive benefits in healthcare, finance, and well-being.
Flexibility – Hybrid work model with time split between our Lisbon office and remote work.
APPLY NOW
Objects in your future are closer than they appear. Join us.
CAREERS.AMGEN.COM
EQUAL OPPORTUNITY STATEMENT
AMGEN is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.