At Metro Bank, we believe the best banking experience starts with people who genuinely care. We’re not just delivering banking services - we’re building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long-standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible.
What you will do:
* Own and drive the implementation of the bank’s IDAM Target Operating Model, ensuring alignment with wider cyber security objectives, regulatory expectations, and operational needs.
* Define, document, and embed IDAM processes, roles, governance structures, and performance measures required for a mature access management function.
* Partner with technology, business, and risk stakeholders to achieve a consistent and scalable IDAM operating framework.
* Design and oversee the implementation of core IDAM controls that demonstrate adherence to security principles, internal policy, and legislative requirements (e.g., PRA/FCA expectations, GDPR, SOX, NIST, ISO 27001).
* Implement continuous monitoring and reporting mechanisms to evidence control effectiveness and provide assurance to senior leadership, audit, and regulators.
* Lead remediation and change activity where control gaps or deficiencies are identified.
* Implement and run the bank-wide access recertification framework to ensure timely and accurate validation of user access privileges across all critical systems and applications.
* Work closely with business owners to validate role appropriateness, identify toxic combinations, and ensure alignment to least privilege principles.
* Provide MI, reporting, and escalation pathways to ensure recertification compliance and accountability.
* Oversee configuration, tuning, and administration of core IDAM toolsets, including Delinea (PAM) and SailPoint (Identity Governance & Administration).
* Ensure tools are optimally configured, maintained, and utilised in line with best practice and security standards.
* Lead enhancements, upgrades, and automation initiatives to improve operational efficiency and control coverage.
* Review proposed solutions for identity integration, authentication methods, role definitions, and access patterns.
* Collaborate with IT teams to define, implement, and monitor controls for Privileged Access Management.
What you will need:
* A minimum of 3–5 years of experience in identity and access management or related security services.
* Hands‑on experience with identity governance, privileged access management, and authentication technologies, as well as a strong understanding of regulatory requirements such as GDPR and financial sector compliance standards.
* Familiarity with directory services.
* Strong understanding of regulatory compliance (e.g. FCA/PRA rules) and identity and access management principles.
* Knowledge of Windows, Linux, Active Directory, and cloud environments (Azure, AWS).
* Strong knowledge of implementing RBAC controls.
* Recognised industry qualification e.g. CISSP, CISMP, CCSP, CISM.
Our promise to you…
* We will make sure that you are well‑rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts!
* We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!).
Diverse teams really are the best teams. We know that candidates (especially women, research tells us) may be put off applying for a job unless they can tick every box. We also know that ‘normal’ office hours aren’t always doable, and while we can’t accommodate every flexible working request we are happy to be asked. So if you are excited about working with us and think you can do much of what we are looking for but aren’t sure if you are 100% there yet… why not give it a whirl? Please note that sometimes we may close a job earlier for applications if we are inundated with amazing candidates.. Good luck!
#J-18808-Ljbffr