Richemont Access Management Security Engineer

About Richemont

Richemont is a global luxury goods group that houses multiple high-end maisons across watches, jewelry, writing instruments and accessories. As a steward of numerous heritage brands, Richemont combines artisanal craftsmanship with a centralized corporate structure that invests in digital platforms and enterprise-scale IT to support a diversified portfolio of maisons.

Role & Responsibilities

• Design, implement and operate enterprise identity and access management (IAM) solutions including SSO, provisioning, deprovisioning and access governance.
• Manage and administer directory services and identity providers (e.g., Active Directory, Azure AD/Entra ID) and integrate cloud and on-premises applications via SAML, OAuth2/OIDC and LDAP.
• Deploy and maintain privileged access management (PAM) controls and secrets management, ensuring least-privilege access for critical systems.
• Automate user lifecycle processes, access requests and certification campaigns through workflows, APIs and orchestration tools.
• Collaborate with security, infrastructure, application and business teams to define RBAC roles, entitlement models and access policies aligned with compliance requirements.
• Monitor IAM-related events, support incident response for identity-related threats, and tune detection rules in SIEM or logging platforms.
• Produce technical documentation, runbooks and architectural diagrams; deliver training and knowledge transfer to operations and application teams.
• Participate in security reviews for new integrations, cloud migrations and third-party vendor onboarding from an identity perspective.

Qualifications

• Bachelor's degree in Computer Science, Information Security, Engineering or equivalent practical experience.
• Minimum 3 years of hands-on experience in enterprise IAM, SSO and privileged access technologies.
• Proven experience with directory services (Active Directory), Azure AD/Entra ID and modern identity protocols (SAML, OAuth2, OpenID Connect, LDAP).
• Experience implementing or operating PAM solutions and defining RBAC/entitlement models.
• Proficiency in scripting or automation (PowerShell, Python or similar) and working with REST APIs.
• Strong stakeholder management and ability to translate security requirements into operational solutions.
• Professional security certifications such as CISSP, CISM, or IAM-specific certifications are a plus.

Skills

Experience

At least 3 years of direct, practical experience implementing and supporting enterprise identity and access management solutions across hybrid on-prem and cloud environments, including SSO, provisioning/deprovisioning, and privileged access controls.

Education

Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering or equivalent professional experience.

Workplace

Culture

Richemont fosters a collaborative environment that balances respect for artisanal heritage with a strategic commitment to digital transformation. The workplace typically values precision, cross‑functional collaboration and a measured approach to innovation, with a focus on protecting the reputation and assets of multiple luxury maisons.

About Cerulean

Cerulean is the definitive career portal for the global luxury industry. We match exceptional professionals with exclusive opportunities at the world's most prestigious brands. From haute couture and fine watchmaking to prestige beauty, hospitality, and boutique retail, Cerulean centralises luxury employment to help you find the career for which you were destined.