Security Access Management Team Lead

BrainRocket is a global company creating end-to-end tech products for clients across Fintech, iGaming, and Marketing. The company has a team of 1,300 employees and operates in Cyprus, Malta, Portugal, Poland, and Serbia.

• 5+ years of experience in Information Security.
• At least 1 year of experience in management as a Team Lead.
• Strong understanding of IAM, PAM, RBAC, least privilege, and access governance principles.
• Hands-on experience with access management processes, user lifecycle management, and access reviews.
• Experience working with SaaS platforms and reviewing third-party services from a security/access perspective.
• Good knowledge of InfoSec principles, security policies, incident handling, and audit requirements.
• Experience with SLA/KPI tracking and operational team management.
• Strong problem-solving skills and ability to make decisions in complex or urgent situations.
• Excellent communication and stakeholder management skills.
• Ability to document processes, prepare reports, and drive continuous improvements.

Nice to have:

• Experience with Microsoft Entra ID, Okta, or similar IAM tools.
• Experience with Salespoint or other access governance platforms.
• Information Security certifications such as ISO 27001, CISM or similar.

• Lead and manage the Access Administration team, including daily operations, task distribution, prioritization, and performance monitoring.
• Track and ensure compliance with SLA and KPI requirements.
• Manage user access lifecycle processes, including creating, modifying, reviewing, and removing user accounts and permissions.
• Ensure appropriate access levels are granted based on roles, responsibilities, and business needs.
• Implement, maintain, and improve RBAC principles and access control policies.
• Conduct regular access reviews and audits to identify excessive, outdated, or inappropriate access rights.
• Monitor user access activities across internal systems, SaaS platforms, and business applications.
• Analyze and respond to access-related incidents, violations, and security risks.
• Investigate potential threats and vulnerabilities related to access management processes.
• Escalate complex incidents to relevant teams and coordinate response actions.
• Maintain accurate documentation of access management activities, incidents, decisions, and process improvements.
• Prepare reports on access audits, incidents, SLA/KPI results, and team performance.
• Review and assess third-party SaaS services from an access management and security perspective.
• Ensure Information Security principles, least privilege, and proper approval workflows are followed.
• Support continuous improvement of IAM/PAM processes, tools, and internal procedures.

This is an on-site position based in Warsaw, Poland. Remote or hybrid arrangements are not available. Candidates must already be located in Warsaw or willing to relocate. Relocation support will be provided if needed.