.Job Description Summary#Sandoz Job DescriptionSandoz is going through an exciting and transformative period as a global leader and pioneering provider of sustainable Biosimilar and Generic medicines.Now as an independently listed company, Sandoz aims to increase its strategic focus, operate with greater agility, set clearer business objectives, enhance shareholder returns, and strengthen its culture for us, the Sandoz associates. This is an exciting time in our history, and by creating a new and ambitious path, it will provide a unique opportunity for us all, both professionally and personally. Join us as a Founder of our 'new' Sandoz!The roleAs the Lead IAM Cloud and Federation you will operate the entire lifecycle of the IAM solutions and troubleshoot any problems. Support the control and definition of IAM management policy and instructions within the company, and the design of new IAM solutions. Enhance the quality of the IAM security solutions in all aspects of stability, availability, development, training, and documentation.Your Key Responsibilities:Your responsibilities include, but not limited to:Implement authentication and identity operating standards.Develop tools and scripts to increase automation and streamline operations.Guide strategic plans to ensure system currency and technical evolution of services and architecture.Evolve the Single-Sign On product to improve resiliency and ensure continuity of business operations.Resolve incidents, perform root cause analysis, and improve service quality.Complete SAML, OAuth and OIDC application onboarding through requirements analysis, design, implementation, and operational stages.Support deviation investigations, corrective/preventative action closures, and building initiatives as appropriate.Provide regular feedback to peers to promote a continuous improvement mindset and collaborate with all building staff to share and align on best practices.Foster a culture of collaboration, learning, and innovation.What you'll bring to the role:Essential Requirements:Strong expertise in Microsoft Azure/EntraID and Active Directory, with a related Microsoft certification (e.G., Microsoft Azure Enterprise Administrator, Security Administrator Associate).Proven knowledge in on-premise AD Domain Services and IT Security considerations within Microsoft Cloud Services.Very good understanding of Modern authentication protocols (OAuth2, SAML, OpenID).Capable of setting up Single Sign-On (SSO) for internal and external Software as a Service (SaaS) applications, with prior experience in Business-to-Business (B2B) setup, configuration, and support.Hands-on experience setting up MFA protocols and conditional policies.Strong analytical skills, a conscientious work style, and the ability to work independently and reflectively.A strong team player open to new creative ideas and committed to staying current with the evolving cloud market