Together, we are working to welcome millions more passengers, while ensuring aviation can continue to be a force for good by leading global efforts in sustainability. At Heathrow, you can be part of this by providing solutions that make every journey better for millions each year. That means ensuring we meet the changing needs of the passengers, colleagues and partners who use our airport to work, travel, trade, shop, eat, explore and connect.
Job Description
In this role, you will help ensure that Heathrow’s Identity & Access Management approach is securely designed, effectively managed, and aligned with the highest cyber security principles. You’ll bring a strong understanding of identity governance, user access lifecycle management, directory services, and privileged access management, ensuring our systems meet both industry standards and regulatory requirements.
Your role will involve
* Identity Lifecycle Management – reviewing and automating joiner‑mover‑leaver (JML) processes, enforcing RBAC, and integrating identities with cloud and third‑party services.
* Authentication Controls – verifying SSO, directory‑services, and MFA configurations across all internal and external applications.
* Secure Auth Design & Troubleshooting – advising on secure authentication flows and investigating authentication failures or access anomalies.
* Access Governance – oversight, running periodic access reviews, analysing entitlements for toxic combinations, and ensuring least‑privilege and segregation‑of‑duties.
* Access Policy & Reporting – maintaining access policies, approval workflows, and supplying timely logs and evidence for audits and regulatory reporting.
* PAM Platform Configuration – aligning the privileged‑access‑management platform with industry best practice and integrating it with wider security tooling.
* Privileged Access Assurance & Incident Support – reviewing privileged assignments, monitoring privileged activity, and supporting cyber‑incident investigations.
* Identity Analytics & Monitoring – leveraging SIEM, building playbooks, dashboards, and KPIs to detect anomalous identity behaviour and drive continuous improvement.
* Threat‑Hunting & CDC Support – using identity data for threat hunting and assisting the Cyber Defence Centre in triaging identity‑related incidents.
* Documentation, Collaboration & Continuous Improvement – maintaining IDAM standards, contributing to projects and upgrades, staying current with trends, and participating in audits and risk assessments.
Essential Skills
* Strong experience specializing in identity and access management, including hands‑on experience with identity platforms (Azure AD, Entra, Defender for Identity, BeyondTrust).
* Strong understanding of identity lifecycle, RBAC, and access control models.
* Familiarity with cloud environments from an IDAM perspective.
* Experience in ensuring compliance with industry standards and regulations related to identity security (e.g., NIST, ISO 27001, PCI‑DSS, GDPR).
* Strong knowledge of identity governance, authentication protocols (SAML, OAuth, OpenID Connect), and directory services (AD, Azure AD).
* Hands‑on experience with identity‑related security audits, access reviews, and compliance requirements.
* Proven ability to analyse and interpret access data, logs, and entitlements to identify security risks.
* Understanding of Zero Trust architecture and principles as applied to IDAM.
* Familiarity with identity analytics tools and SIEM solutions for correlating IDAM events (e.g., Sentinel).
Desired Qualifications
* Experience participating in internal and external audits, including evidence gathering and control walkthroughs.
* Experience working with PAM technologies (e.g., BeyondTrust).
* Experience working with ITSM platforms like ServiceNow to manage access workflows and incidents.
* Understanding of the security challenges within regulated industries.
Seniority level
* Entry level
Employment type
* Full-time
Job function
* Information Technology
Industries
* Computer and Network Security
#J-18808-Ljbffr