Job Title: Framework Owner – Authentication Control Framework
Job Description
This role leads the design, ownership, and continuous improvement of the organisation’s authentication control framework. You will define and maintain mandatory procedures, operating instructions, and supporting metrics, ensuring they remain effective against emerging threats and aligned with regulatory expectations. Acting as a trusted subject matter expert, you will collaborate closely with technology, cybersecurity, and governance teams to uplift control maturity, support audits and regulatory reviews, and drive a globally consistent, best-in-class identity and access management (IAM) control environment.
Responsibilities
1. Own the design and ongoing maintenance of the authentication control framework, including mandatory procedures, operating instructions, and supporting metrics.
2. Develop, own, and maintain the strategic roadmap for the control framework, driving continuous enhancement in line with business needs, emerging threats, and regulatory expectations.
3. Lead control effectiveness assessments, define rationales, and oversee remediation plans, actions, milestones, and tracking to address gaps and sustain performance.
4. Provide first-line governance and support for audit, regulatory, and control testing engagements, acting as the initial point of contact for queries and coordinating inputs from control operators.
5. Ensure the control framework is represented accurately in all engagements, and that responses to audit and regulatory queries are timely, complete, and aligned with control standards.
6. Track all audit, regulatory, and control-related actions through to closure, ensuring they meet agreed standards and timelines.
7. Collaborate with technology teams to align strategic maturity uplift priorities and oversee remediation delivery to address gaps effectively and improve control maturity.
8. Act as a trusted subject matter expert, providing consultancy and guidance on control framework queries to stakeholders across all three lines of defence, central technology functions, and global functions.
9. Provide oversight of control metrics, ensuring they are monitored, analysed, and reported clearly to cybersecurity management and other relevant stakeholders to support informed decision-making and continuous improvement.
10. Support control operators with issue resolution and lead the design and operation of exceptions, including risk acceptances, ensuring decisions are controlled, documented, and risk-informed.
11. Work closely with other IAM CARA team members to review, streamline, and maintain a global, best-in-class process and procedure to enhance operational efficiency.
12. Participate in relevant control governance committees and work closely with internal stakeholders across the business to ensure alignment on key initiatives.
13. Lead, mentor, and develop a high-performing team, supporting emerging talent and fostering a culture of continuous improvement and accountability.
Essential Skills
14. Strong experience in Identity and Access Management (IAM) and Identity and Access Governance, with a particular focus on authentication controls.
15. Hands-on background in IDAM (Identity and Access Management) control design, implementation, and monitoring.
16. Proven ability to design, own, and maintain control frameworks, including procedures, operating instructions, and supporting metrics.
17. Demonstrated experience assessing control effectiveness and leading remediation activities to close gaps and improve control maturity.
18. experience supporting and coordinating audit, regulatory, and control testing engagements, including managing queries and tracking actions to closure.
19. Strong collaboration skills, with the ability to work effectively with technology, cybersecurity, and governance teams to deliver control maturity uplifts.
20. Proven stakeholder management skills across multiple lines of defence and global functions.
21. Ability to interpret, monitor, and report control metrics clearly to senior stakeholders to support informed decision-making.
22. experience handling control exceptions and risk acceptances in a structured, documented, and risk-informed manner.
23. Leadership skills with experience guiding and developing high-performing teams.
Additional Skills & Qualifications
24. experience working within a Three Lines of Defence model or similar risk and control governance framework.
25. Exposure to global organisations with complex technology and cybersecurity environments.
26. background in cybersecurity, risk management, or IT governance related to IAM and authentication controls.
27. experience participating in or supporting control governance committees or forums.
28. Ability to streamline and standardise global processes and procedures to enhance operational efficiency.
Why Work Here?
You will join a culture that values strong governance, collaboration, and continuous improvement, where your expertise in controls and IAM directly contributes to the organisation’s security posture. The environment encourages knowledge sharing, professional growth, and the development of emerging talent, offering opportunities to lead meaningful change across a global landscape. You will work closely with senior stakeholders and cross-functional teams, gaining broad exposure and the chance to shape best-in-class processes and frameworks.
Work Environment
You will work in a structured, controls-focused environment within a global technology and cybersecurity context. The role involves close collaboration with IAM, cybersecurity, technology, risk, and governance teams, often participating in formal governance committees and forums. Work typically follows standard business hours, with flexibility to engage with stakeholders across different regions when required. The setting is professional and process-driven, with an emphasis on documentation, clear reporting, and adherence to control standards.
Location
Sheffield, UK
Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No. 2876353. Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands.