Job Description:
Lead Security Architect – Identity and Access Management (IAM)
Permanent
London / Staines / Manchester (Hybrid Working)
We make health happen
At Bupa, our purpose is simple but powerful — helping people live longer, healthier, happier lives and making a better world. We’re a global healthcare provider and insurer with no shareholders, which means our customers come first in everything we do.
As our Lead Security Architect – IAM, you’ll play a key role in protecting the digital identities of our people, customers, and partners. You’ll help shape and deliver a secure, scalable, and user-friendly identity and access management strategy that supports our digital transformation and keeps our systems safe.
This is your chance to join a team that’s passionate about innovation, security, and making a real difference to people’s lives.
Key Responsibilities
As our Lead Security Architect – IAM, you’ll:
1. Define and maintain our enterprise IAM architecture, aligned with Zero Trust principles.
2. Develop reusable design patterns and reference models for IAM services like identity lifecycle, RBAC/ABAC, SSO, MFA, and PAM.
3. Lead the integration of IAM solutions across cloud, SaaS, and on-prem platforms including Azure, GCP, Kubernetes, and legacy systems.
4. Evaluate and select IAM technologies such as Entra ID, Okta, CyberArk, and SailPoint.
5. Design scalable identity governance and administration (IGA) solutions for staff, customers, and third parties.
6. Collaborate with teams across Cybersecurity, Risk, Engineering, and Compliance to embed IAM controls.
7. Stay ahead of emerging trends like decentralised identity and passkeys and guide architectural innovation.
8. Provide expert consultancy during audits, incident response, and solution design.
9. Support internal and external risk, compliance, and audit reviews.
What We’re Looking For
We’re looking for someone who brings deep technical expertise and a collaborative mindset. You’ll need:
10. 7+ years’ experience in IAM, security architecture, or cloud engineering with a strong IAM focus.
11. Proven experience designing and implementing enterprise IAM strategies.
12. Strong knowledge of IAM governance, access reviews, and compliance frameworks.
13. Hands-on experience with platforms like Azure AD, Okta, SailPoint, CyberArk, and BeyondTrust.
14. Familiarity with identity protocols (SAML, OAuth2, OpenID Connect) and Zero Trust models.
15. Experience with hybrid and multi-cloud environments, including Kubernetes and SaaS integrations.
16. Relevant certifications (e.g. SC-300, CIAM, CISSP, CCSP, SABSA) are a plus.
17. Excellent communication skills — able to explain complex ideas to technical and non-technical audiences.
18. A passion for continuous improvement and a proactive approach to problem-solving.
Benefits
Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family-friendly benefits.
Joining Bupa in this role, you’ll receive the following benefits and more:
19. 25 days holiday, increasing through length of service, with the option to buy or sell
20. Enhanced parental leave
21. Company-matched pension scheme
22. Annual performance-based bonus
23. Private medical insurance
24. Access to our health assessments and wellbeing services
25. Discounts on Bupa products and services
Why Bupa
We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.