Can you help us protect GEA’s identity backbone?
Are you ready to take ownership of Tier 0 security in a global enterprise environment?
Join GEA. Here, you will get significant autonomy, decision-making authority, and accountability in your daily work. Working closely with our Security Leadership, the CIO, and the CISO, you will get the opportunity to influence enterprise security architecture and strategic security decisions.
Responsibilities / Tasks
As an IT Security Administrator, you will take ownership of Microsoft Entra ID at Tier 0 level and help safeguard GEA’s most business-critical security asset: identity.
Your role combines hands-on operational responsibilities with strategic governance, where you will work across cloud identity security, Active Directory operations, privileged access management, incident response, compliance, and enterprise security architecture.
Approximately half of the role focuses on Active Directory and server operations, while the remaining responsibilities centre around identity security, governance, and cloud security controls.
More specifically, you will:
-
Own and operate Microsoft Entra ID (Azure AD) at Tier 0 level, including Global Administrator governance, privileged role management, and tenant-level security configuration.
-
Manage Active Directory and server operations while designing and enforcing Conditional Access policies, MFA solutions, passwordless strategies, and Identity Protection controls.
-
Administer Privileged Identity Management (PIM), Just in Time access models, and break glass account lifecycle management.
-
Act as Tier 0 responder during identity-based incidents by containing compromised identities, restoring emergency access, and supporting tenant recovery activities.
-
Review Tier 0 impacting changes, enforce separation of duties, support compliance requirements including GDPR and ISO 27001, and maintain documentation for audits and governance activities.
Your Profile / Qualifications
On a personal level, you bring integrity, discipline, and a strong sense of responsibility to everything you do. You are comfortable operating at the highest technical trust level and understand when security considerations must take priority in order to protect the organisation. Your low-ego mindset and collaborative nature allow you to work effectively across teams, functions, and countries.
Additionally, we imagine that you:
-
Have 8+ years of experience within Microsoft infrastructure or cloud security roles and experience working in high trust or restricted environments.
-
Bring solid hands-on expertise with Microsoft Entra ID (Azure AD), Active Directory and server operations, Conditional Access, Identity Protection, and Privileged Identity Management (PIM).
-
Have a sound understanding of Zero Trust architectures, identity attack paths, threat models, and cloud incident response.
-
Are experienced in identity and access governance design, secure tenant configuration and hardening, and troubleshooting critical incidents under time pressure.
Maybe you also hold Microsoft security certifications such as SC-300 or SC-100 and potentially CISSP, CISM, or equivalent security certifications – but it is not a requirement.
GEA Group – Engineering for a better world
At our office in Søborg, you will join our IT Security Services department. Here, you will become part of a close-knit team of 10 security professionals located across Denmark, Germany, the USA, and the Netherlands.
Despite working across different locations and time zones, we have a collaborative culture and work together as one unit.
Together, we are responsible for architecture, advisory, risk management, implementation, and security projects. We value professional excellence, low ego collaboration, and the freedom to take ownership and drive meaningful outcomes.
Would you like to know more?
If you would like to find out more about this position before submitting your application, please do not hesitate to contact Senior Director, IT Security Services, Thomas Zuliani, phone no. (+45) 52 26 10 36.
We will process the applications as we receive them, so please submit your application as soon as possible.
Please apply via the indicated link. Please note that GEA exclusively uses electronic recruiting, and only applications received through our application system will be considered*.*
Did we spark your interest?
Then please click apply above to access our guided application process.