We're looking for an experienced Identity & Access Management (IAM) architect to help our customer replace an old in-house system with a modern, Azure-based solution. The work is mostly remote but requires at least two days each week on-site in Helsinki.

Work Location
Hybrid: minimum two days per week at the customer’s office in Helsinki; other days remote.

Main Tasks
- Design a new IAM system with Azure AD and related cloud tools.
- Split key features (legal entity and contact data) from the legacy system into separate modules.
- Ensure the new design follows the customer’s security and enterprise-architecture rules.
- Cooperate with security, infrastructure, legal, and application teams.
- Configure Azure Conditional Access, PIM, and B2B/B2C federation.
- Define IAM governance (policies for authentication, authorization, and user lifecycle).

Expected Deliverables
- Migration plan from the legacy IAM to the new cloud setup.
- Modularisation plan for company and contact data.
- Detailed Azure AD design documents (login flows, RBAC, federation).
- IAM policy documentation (access rules, user lifecycle, privileged access).
- Risk and compliance assessment for the migration.