Overview
Identity Governance and Privileged User Engineer – Bioggio
Company Description
Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 170 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and continual innovation is powered by the passion and creativity of our colleagues.
We are always looking for talented people to join us on our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers the opportunity to work closely with some of the world’s leading financial institutions as we jointly develop and shape careers. Championing a collaborative, supportive and flexible work environment empowers our colleagues to reach their full potential.
Job Description
Join the IAM team to manage privileged access and identity governance. Work with One Identity Safeguard and One Identity Manager to secure accounts, support JML processes, and integrate applications.
Your key tasks
Privileged Access Management (PAM)
- Operate and maintain One Identity Safeguard
- Manage credential policies, password rotation, and integrations
- Onboard systems and accounts into PAM
- Monitor platform health and troubleshoot issues
Identity Governance (IGA)
- Support JML processes with One Identity Manager
- Maintain workflows, mappings, and job server operations
- Integrate new applications and validate access assignments
Documentation
- Maintain SOPs, runbooks, and audit-compliant records
Systems & Infrastructure
- Manage IAM components on Windows/Linux
- Perform patching, hardening, and monitoring
- Provide L2/L3 support for IAM and directory services
Automation & Tooling
- Automate with Terraform and Ansible
- Develop PowerShell scripts; use SQL for troubleshooting
Qualifications
- Degree in IT or a related field
- 2–3 years of experience in PAM/IGA roles
- Hands-on experience with One Identity Safeguard or similar tools (e.g., CyberArk, BeyondTrust, Delinea)
- Strong Windows and Linux engineering skills
- Solid knowledge of AD, Azure AD/Entra ID, LDAP, and authentication protocols
- Proficiency in Terraform, Ansible, and PowerShell; SQL knowledge preferred
- Strong documentation skills and a compliance-focused mindset
- Fluent in English; German or French is a plus
Additional Information
We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices.
In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions, we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self.
We hire, compensate and promote regardless of origin, age, gender identity, sexual orientation or any other fantastic traits that make us all unique, we have done our best to write this advert in an inclusive and neutral way.
Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies, and any unsolicited candidate submissions will be exempt from any payment expectations.
#LI-Hybrid
IMPORTANT: Before applying for this role, please make sure you have the right to work in the country where the role is based. Unless it clearly stipulates within in the job advert above that the hiring company is looking to or able to sponsor applicants it is deemed that the hiring employer will only consider applications from those able to comply with and work in the country where the role is based.
