[Up to c. £225k Comp Package | Hybrid Working - 3 Days in Office]
We’re partnering with a market-defining pensions investment firm undertaking a major multi-year transformation of its technology and security stack. Backed by full executive sponsorship, they’re modernising cloud-native architecture, overhauling their identity platforms, and embedding security engineering into every layer of infrastructure delivery. With responsibility for safeguarding over £65 billion in assets and millions of pension holders, this is a high-impact opportunity to shape the identity fabric of a business where your work will be operational, not theoretical - influencing every application, platform and access point across the estate...
Key Responsibilities
* Lead design and hands-on delivery of secure Identity & Access Management (IAM) capabilities across cloud-native and SaaS platforms (AWS, Azure, internal systems)
* Build scalable identity lifecycle workflows, including access provisioning, deprovisioning, RBAC/ABAC models, just-in-time access, and directory integrations
* Automate identity governance processes via policy-as-code frameworks, IaC pipelines and audit/attestation tooling
* Integrate IAM controls into CI/CD pipelines, infrastructure delivery, and developer workflows, ensuring consistent security guardrails from build to production
* Partner with security architects, developers, and DevOps engineers to embed identity controls into broader security architecture design
* Support secure federation and SSO integrations across SAML, OIDC, SCIM and modern authentication protocols
* Translate regulatory and compliance needs into technical identity controls that balance security, usability and engineering agility
* Continuously refine IAM capabilities in response to emerging threats, platform evolution, and business growth
* Collaborate closely with leadership to provide governance oversight, reporting and risk visibility for identity-related access controls
What You’ll Bring...
* 4-10 years’ experience in Security Engineering or Software Engineering roles, with 2+ years directly focused on IAM
* Proven delivery of IAM capabilities within cloud-native environments (AWS or Azure), including identity lifecycle and access governance
* Practical knowledge of authentication and authorisation protocols including SAML, OIDC, OAuth2, SCIM, LDAP, and federated identity models
* Hands-on experience with cloud-native IAM tools such as AWS IAM, Azure AD, Okta, Saviynt or equivalent directory services
* Strong automation skills across policy-as-code frameworks (OPA), infrastructure-as-code (Terraform), and CI/CD integration
* Familiarity with Zero Trust architecture principles and evolving access control models
* Solid understanding of security control frameworks such as NIST, ISO 27001 or CIS Benchmarks, as they apply to access management
* (Preferred) Prior experience in financial services, risk management, pensions, or insurance industries
* (Preferred) Certifications such as CISSP, CCSP, or IAM/cloud-focused security qualifications