IT Systems Administrator – Microsoft & Identity Platform

About us

Join bonify Germanys leading platform for credit scoring and financial management. We are on the mission to revolutionize the FinTech industry and make the credit score and financial data available and transparent for our users.

The IT Systems Administrator Microsoft & Identity Platform is responsible for the secure compliant and reliable operation of the Microsoft-centric identity and endpoint environment within a regulated fintech (BaFin / DORA context).

The role focuses on Microsoft Entra ID Intune Microsoft Defender and related cloud services. It ensures controlled access to systems and data supports audit-readiness and collaborates closely with internal teams (Security Platform People Ops) as well as external professional services partners.

Your tasks

Identity & Access Management (Microsoft Entra ID)

• Operate Microsoft Entra ID as central Identity Provider (IdP).
• Manage users groups roles and conditional access policies.
• Enforce MFA and baseline security configurations.
• Support and execute periodic access reviews and recertifications.
• Maintain structured role/group concepts and least-privilege access models.
• Support Joiner/Mover/Leaver processes in coordination with People Ops.

SaaS & SSO Operations

• Maintain and troubleshoot SSO integrations (SAML OIDC SCIM where applicable).
• Onboard new SaaS applications into the central identity framework.
• Support application owners in defining access governance models.
• Ensure consistent role/group mapping across systems.

AWS & Production Access (in cooperation with Platform Team)

• Support EntraAWS integration (IAM Identity Center / SSO role-based access).
• Assist in implementing least-privilege and just-in-time (JIT) access patterns.
• Troubleshoot access issues in production environments.
• Contribute to secure and compliant cloud access models.

Endpoint & Mobile Management

• Operate Intune policies and configuration profiles for:
  • macOS
  • Windows
  • Mobile and BYOD devices
• Monitor device compliance and security posture.
• Oversee Microsoft Defender status and remediation workflows.
• Support users with enrollment configuration and compliance remediation.

Monitoring & Audit Support

• Support Security in operating log and alert flows (Entra logs Defender Sentinel incident tooling).
• Contribute technical analysis during security incidents.
• Provide structured evidence and documentation for audits and regulatory reviews.
• Maintain runbooks configuration documentation and change traceability
• Coordinate handovers and ensure operational sustainability of implemented solutions.

Requirements

• 5-7 years of experience as IT Administrator / Systems Engineer with strong focus on Microsoft Cloud.
• Proven hands-on experience with:
  • Microsoft Entra ID (SSO Conditional Access MFA Groups/Roles; PIM is a plus)
  • Microsoft Intune
  • Microsoft Defender for Endpoint
• Experience integrating SaaS applications via SAML/OIDC and SCIM.
• Basic understanding of AWS IAM and IAM Identity Center.
• Experience working in regulated audit-driven or security-sensitive environments (financial services / fintech preferred).
• Strong documentation skills and understanding of governance requirements.
• Very good English required; German strongly preferred.

Personal Attributes

• Strong sense of responsibility for security-critical services.
• Structured documentation- and evidence-oriented working style.
• Pragmatic and automation-minded approach.
• Ability to balance usability and security in a regulated environment.
• Collaborative mindset across Security Engineering Operations and external partners.

What we offer

As part of the bonify team youll have:

• The opportunity to take ownership from day one
• The chance to thrive in a dynamic and flexible startup environment.
• Access to extensive coaching and training programs through our personal development budget
• 30 vacation days
• Mental health support platform
• Subsidies for BVG and UrbanSportsClub
• 1:1 language classes in both German and English.

The Company is committed to the principle that no employee or job applicant shall receive unfavourable treatment on grounds of age disability gender reassignment race religion or belief sex sexual orientation marriage or civil partnership pregnancy and maternity.

Please note to be compliant with AML requirements due to the specifics of fintech industries additional background checks are required (applicable only at the offer stage).

If youre ready to make a meaningful impact in the world of FinTech and embark on an exciting career journey apply now to join bonify!