Senior Identity Security Engineer – Access & Automation (IAM / PAM / Cloud)
* Permanent | Hybrid (UK)
* £90K–£115K + Bonus + Benefits
Overview
Senior Identity Security Engineer to lead and modernise its Privileged Access Management (PAM) and Identity & Access Management (IAM) landscape. This position is integral to developing secure, automated, and scalable access solutions across multi-cloud and hybrid environments, ensuring compliance with enterprise security standards and regulatory frameworks.
Key Responsibilities
* Design, implement, and maintain privileged-access and identity-security platforms, enhancing governance and lifecycle management.
* Develop automation scripts and integrations (PowerShell, Python, or Terraform) to streamline access provisioning, credential rotation, and policy enforcement.
* Embed Zero Trust principles across cloud and infrastructure environments, supporting just-in-time and adaptive-access models.
* Integrate and manage access across technologies such as CyberArk, Azure AD / Entra ID, Azure PIM, SailPoint, Okta, and related IGA tools.
* Partner with Security, DevOps, Cloud, and Risk teams to strengthen access governance and monitoring.
* Support compliance and audit readiness aligned with frameworks such as ISO 27001, NIST, and GDPR.
* Contribute to roadmap development for non-human identity management, secrets automation, and privileged session oversight.
Required Experience
* Strong background in Identity & Access Management or Privileged Access Engineering within enterprise or regulated settings.
* Proven hands-on experience with CyberArk, Azure PIM, Okta, or equivalent PAM/IAM solutions.
* Skilled in scripting and automation (e.g., PowerShell, Python, Terraform, API integrations).
* Working knowledge of Active Directory, cloud identity models (Azure / AWS), and IGA platforms (e.g., SailPoint).
* Familiar with Zero Trust, role-based access control (RBAC), and access-certification processes.
* Excellent communication and stakeholder engagement skills, with the ability to operate across infrastructure, risk, and compliance functions.
* Relevant certifications (e.g., CISSP, Azure Security Engineer, CyberArk Defender) are advantageous.
Why Join
* Work on enterprise-scale identity and access programmes within a technically progressive environment.
* Drive innovation across PAM automation, IGA integration, and cloud-identity transformation.
* Hybrid working, strong total compensation, and extensive professional development support.