IT Security Administrator

Description

Can you help us protect GEA’s identity backbone? Are you ready to take ownership of Tier 0 security in a global enterprise environment? Join GEA. Here, you will get significant autonomy, decision-making authority, and accountability in your daily work. Working closely with our Security Leadership, the CIO, and the CISO, you will get the opportunity to influence enterprise security architecture and strategic security decisions.

About GEA

• GEA is one of the largest suppliers for the food and beverage processing industry and a wide range of other process industries. Approximately 18,000 employees in more than 60 countries contribute significantly to GEA’s success – come and join them! We offer interesting and challenging tasks, a positive working environment in international teams and opportunities for personal development and growth in a global company.

• Why join GEA

• GEA is an equal opportunity employer. Applicants will therefore receive consideration for employment without regard to age, sex, race, color, religion, world view, national origin, genetics, disability, gender identity, marital status, sexual orientation, veteran status or any other protected characteristic required by applicable law. Applicants with disabilities are welcome and will be given special consideration if they are equally qualified.

Your profile and qualifications

• Have 8+ years of experience within Microsoft infrastructure or cloud security roles and experience working in high trust or restricted environments.

• Bring solid hands-on expertise with Microsoft Entra ID (Azure AD), Active Directory and server operations, Conditional Access, Identity Protection, and Privileged Identity Management (PIM).

• Have a sound understanding of Zero Trust architectures, identity attack paths, threat models, and cloud incident response.

• Are experienced in identity and access governance design, secure tenant configuration and hardening, and troubleshooting critical incidents under time pressure.

Your responsibilities and tasks

• Own and operate Microsoft Entra ID (Azure AD) at Tier 0 level, including Global Administrator governance, privileged role management, and tenant-level security configuration.

• Manage Active Directory and server operations while designing and enforcing Conditional Access policies, MFA solutions, passwordless strategies, and Identity Protection controls.

• Administer Privileged Identity Management (PIM), Just in Time access models, and break glass account lifecycle management.

• Act as Tier 0 responder during identity-based incidents by containing compromised identities, restoring emergency access, and supporting tenant recovery activities.

• Review Tier 0 impacting changes, enforce separation of duties, support compliance requirements including GDPR and ISO 27001, and maintain documentation for audits and governance activities.