Job Overview
Secure our digital future through identity excellence. As an IAM Technical Analyst, you will be reporting into the Identity & Access Management team and working closely with internal IT teams and external partners supporting delivery of Cadent’s IAM roadmap into an ITIL disciplined environment, delivering IT services in a multisource model to an enterprise of 7000+ employees and external workers in a regulated utility.
The IAM team aims to enhance the user experience for colleagues by simplifying, improving, and automating access to systems & data for our digital identities including Privileged Access Management (PAM). We work with internal and external partners to improve provisioning and revocation of access to resources, ensuring access is authenticated and limited, based upon the principle of least privilege. The role is accountable for the ongoing development and deployment of automated access management processes and integrations focussed on Cadent’s non‑SAP platforms and systems (Microsoft Active Directory, Entra ID and MS 365). We aim to enhance governance to improve management of digital identities including privileged access, protecting Cadent’s network to meet regulatory obligations (NCSC CAF), aligned to strategy and best practice.
Responsibilities
* Implement, support and optimise IAM and PAM services across the enterprise including SSO enablement of new SaaS applications and technical input and support to other projects and programmes.
* Ensure Change Management process is adhered to and technically validated to protect live service.
* Ensure alignment with NCSC CAF and regulatory obligations; develop, manage and adhere to IAM Standard Operating Procedures (SOPs); and support internal and external IAM security audits.
* Drive improvements in provisioning, revocation, and access governance.
* Collaborate across IT, business, and vendor teams to deliver secure solutions.
* Champion innovation and efficiency in identity management including maintenance plans and roadmaps to maintain the health of services.
Qualifications
* Degree in IT or Cybersecurity, ITIL Foundation, and ideally CIAM, CISSP or CISM.
* Extensive hands‑on experience in IT; specifically Microsoft Active Directory (AD), Entra ID and MS 365, with a good knowledge of system technologies, monitoring tools, processes, and incident handling in a 24x7x365 support environment.
* Experience of configuring, implementing, developing, and supporting complex solutions. Evidence of vendor/stakeholder management qualities.
* Technical curiosity, ensuring continuous skills refresh, with cutting‑edge and new‑to‑market technologies explored, understood, and assessed.
* Experience and understanding of different delivery methods and tools including Waterfall, Agile, SCRUM, Prince2, KANBAN and JIRA.
* Experience of building relationships and working with a variety of stakeholders, supported by interpersonal and communication skills at all levels, with the ability to translate complex IT issues into business‑related vocabulary.
* Experience and understanding of ITIL framework and ITSM tools, specifically ServiceNow.
* Experience working in a regulated utility industry desired.
* Experience and understanding of UK Data Privacy legislation.
Desirable Technical Knowledge or Qualifications
* Identity and Access Management, specifically Microsoft Active Directory (AD), Entra ID and MS 365 including Entra Connect, app registrations, certificate and password management for user and machine authentication.
* Deep knowledge of SAML, OAuth, OpenID Connect, SCIM, MFA and federation protocols.
* HR Provisioning, specifically SAP SuccessFactors to AD / Entra ID.
* Experience with Microsoft Entra ID Conditional Access, Defender for Identity, and Entra Permissions Management including PIM.
* Strong understanding of cyber‑security principles including zero‑trust, privileged access management (PAM), Just‑In‑Time (JIT) access, Role‑Based Access Control and adaptive authentication.
* Privileged Access Management, specifically CyberArk suite.
* Experience of integrating applications with IGA solutions using a variety of APIs and protocols such as Web service protocols REST/SOAP, LDAP, CSV.
* Hands‑on experience with identity automation; PowerShell scripting / MS Graph API, and other API‑based integrations.
* Data lifecycle management tools such as Microsoft Defender & Microsoft Purview.
* NCSC Cyber Assessment Framework (CAF).
* DevOps and cloud security best practices in AWS/Azure environments.