22 jobs found

GCS Recruitment is seeking a skilled .Net IAM Developer for a hybrid position in Sheffield. The role involves developing enterprise IAM solutions using modern .NET technologies such as .NET Core and ASP.NET, as well as integrating with platforms like SailPoint IdentityNow and Active Directory. Applicants should have a strong background in enterprise software development, with at least 5 years of relevant experience and proficiency in API integrations. This is an excellent chance to join a high-performing engineering team.

Salary: £56,000 - 73,000 per year Requirements We have proven experience in a hands on IAM engineering or technical SME role. We have strong technical expertise in one or more IAM platforms, including Microsoft Entra ID, Okta, SailPoint Identity Security Cloud, or CyberArk. We have experience with directory services, including Active Directory and LDAP. We have a strong understanding of federation and authentication protocols, including SAML, OAuth 2.0, OpenID Connect, and SCIM. We have experience with scripting and automation using PowerShell, Python, or Java. We have strong troubleshooting and problem solving skills. We have experience integrating IAM solutions with cloud and on premises applications. We have familiarity with SIEM logging, monitoring, and audit requirements. Vendor certifications in IAM technologies are desirable. We have experience working within financial services or other regulated industries, which is desirable. We have knowledge of DevSecOps, Infrastructure as Code, and API security, which is desirable. Security certifications such as CISSP, CISM, or Security are desirable. We have strong analytical and troubleshooting capabilities. We have excellent communication and stakeholder engagement skills. We can work independently in a fast paced environment. We have strong documentation and knowledge sharing skills. We have a delivery focused mindset with attention to detail. Responsibilities We implement, configure, and support enterprise IAM solutions. We develop and maintain identity provisioning and deprovisioning workflows. We configure and manage SSO, MFA, and access policies. We build and support integrations between IAM platforms and enterprise applications. We develop automation scripts and APIs to streamline identity processes. We troubleshoot authentication, authorisation, and provisioning issues. We support IAM migrations, upgrades, and transformation initiatives. We create technical documentation, support procedures, and operational runbooks. We collaborate with security operations, infrastructure, cloud, and application teams. We ensure IAM solutions meet security, compliance, and operational requirements. Technologies API Active Directory Cloud DevSecOps IAM Support Java LDAP OAuth OpenID PowerShell Python SAML Security DevOps More We are offering a 12 month contract opportunity for an IAM Technical SME based in London, United Kingdom, with a hybrid working model of 4 days per week onsite. The role is inside IR35 and is available to start as soon as possible. We are seeking someone to work closely with architects, engineers, security teams, and business stakeholders to deliver secure, scalable identity services across enterprise environments.

Role Title: .Net IAM Developer Location: Sheffield (Hybrid - 2-3 days per week onsite) Role Category: Inside IR35 Contract Duration: Until 30th November with extension Overview We're recruiting for an experienced .Net IAM Developer to join the Identity & Access Management team of a leading global financial services organisation. This role offers the opportunity to work on enterprise-scale identity solutions, developing secure integrations and supporting identity lifecycle management across a complex technology estate. Responsibilities Develop enterprise IAM solutions using .NET Core, ASP.NET and C#. Build and support integrations with SailPoint IdentityNow. Develop custom connectors and REST API integrations. Configure integrations with Active Directory, Microsoft SQL and Web Services. Support identity lifecycle processes including Joiner, Mover and Leaver. Implement and support Role-Based Access Control (RBAC). Investigate and resolve provisioning and access-related issues. Work closely with business stakeholders, infrastructure teams and third-party suppliers. Produce technical documentation and knowledge transfer materials. Support CI/CD automation using Jenkins, GitHub and Ansible. Contribute to cloud-based IAM solutions within Azure and AWS environments. Required Skills 5+ years' experience in enterprise software development. Strong experience with .NET Core, ASP.NET and C#. Microsoft SQL Server. REST API development and enterprise integrations. Experience integrating with Active Directory. Experience with SailPoint IdentityNow or another enterprise IAM platform. Knowledge of Identity Lifecycle Management, Access Provisioning and RBAC. Experience using Jenkins, GitHub and Ansible. Azure and/or AWS exposure. Excellent troubleshooting and communication skills. Desirable Skills SailPoint IdentityNow custom connector development. CyberArk, HashiCorp or Centrify. Angular. Docker and Kubernetes. QA and automated testing. JIRA and Confluence. This is an excellent opportunity to join a high-performing engineering team delivering secure, enterprise-scale Identity & Access Management solutions using modern .NET technologies, cloud platforms and automation practices. GCS is acting as an Employment Business in relation to this vacancy.

Salary: £28,600 - 31,200 per year Requirements Current SC clearance Strong hands on experience with SailPoint IdentityIQ (IIQ) and/or Identity Security Cloud (ISC) Proven delivery experience within enterprise IAM / IGA programmes Strong understanding of Identity Governance & Administration (IGA) Strong understanding of RBAC, least privilege, Segregation of Duties (SoD), and identity lifecycle management Experience configuring access requests, approval workflows, certifications/recertifications, provisioning integrations, and application connectors Experience integrating SailPoint with Microsoft Entra ID / Azure AD, LDAP / Active Directory, HR platforms, and SaaS/cloud applications Strong scripting and automation skills with PowerShell, APIs, and Java / BeanShell Experience working in hybrid cloud environments Privileged Access Management experience with technologies such as CyberArk is desirable Responsibilities Design, configure, and support SailPoint IIQ and ISC solutions Implement and enhance Joiner / Mover / Leaver (JML) processes Develop and support provisioning workflows, access requests, and certification campaigns Configure application onboarding and connector integrations Support RBAC and access governance initiatives Integrate SailPoint with enterprise applications, directories, HR systems, and cloud platforms Collaborate with security, infrastructure, and application teams to resolve IAM-related issues Support audit, compliance, and governance requirements Produce technical documentation and implementation artefacts Contribute to ongoing IAM transformation and optimisation initiatives Technologies Active Directory Azure Cloud IAM IdentityIQ Support Java LDAP PowerShell RBAC Security DevOps More We are a global IT consultancy delivering digital transformation for a public sector body. This is a SailPoint IAM Engineer contractor role, working mainly remotely with some travel to the South West. The initial contract duration is 6 to 12 months, and the rate is £550 to £600 per day. We are looking for a hands on technical specialist to help deliver enterprise identity governance and administration capabilities across complex hybrid environments, with a focus on SailPoint IdentityIQ and Identity Security Cloud.

Sivara GmbH is hiring a SailPoint IAM Engineer to deliver enterprise identity governance and administration solutions across complex hybrid environments. This contractor role mainly offers remote work with some travel to the South West. Responsibilities include designing solutions using SailPoint IdentityIQ, implementing processes, and supporting governance initiatives. The role requires strong hands-on experience with IAM technologies and scripting skills. The position has an initial contract of 6 to 12 months with a daily rate of £550 to £600.

Job Title IDAM PAM Engineer Location United Kingdom (Cambridge / London) Employment Type Full-time, permanent Overview AVEVA is seeking Privileged Access Management (PAM) Engineers to lead the delivery of highly automated, enterprise grade privileged access controls as part of our IDAM function. This is a senior, hands on engineering role with significant responsibility and influence. Key Responsibilities Lead the automation first design and engineering of PAM solutions Play a senior role in CyberArk (or similar) implementation and expansion Engineer fully automated onboarding for privileged user accounts, service and application accounts, credentials, secrets, and keys Integrate PAM with SailPoint for automated governance, lifecycle, and access reviews Define PAM standards, onboarding patterns, and automation frameworks Automate privileged access requests, approvals, and provisioning via ServiceNow Build automated PAM and SailPoint reporting for audits and compliance Reduce manual PAM operations through scripting and orchestration Secure privileged access across Active Directory environments, Windows and Linux platforms, Azure and cloud services, applications and DevOps pipelines Act as senior escalation point for PAM related incidents Partner with Security Architecture and Audit on control design and evidence automation Produce high quality architecture diagrams, runbooks, and engineering documentation Apply AI assisted tooling to enhance troubleshooting and operational insight Essential Requirements Significant, hands on experience in Privileged Access Management Hands on SailPoint experience is mandatory Strong experience with CyberArk (PAS, PSM, EPM) or equivalent tools Proven ability to engineer and automate PAM at scale Strong understanding of privileged access risks and threat vectors Advanced experience with Active Directory and hybrid identity environments Strong automation and scripting skills (PowerShell, Python, APIs) Experience supporting audits using automated evidence and reporting Ability to operate as a senior engineer, providing technical leadership Desired Skills Experience using ServiceNow and/or Jira to automate privileged access workflows Broader knowledge of IAM, IGA, Zero Trust, or identity security domains Experience working with DevOps teams, including securing pipelines and secrets Bachelor's degree in Computer Science, Engineering, Mathematics, or related discipline; or equivalent experience Relevant certifications (e.g., CyberArk, SailPoint, Microsoft Security, Cloud Security) Strong communication and stakeholder management skills Customer focused mindset, balancing security with business usability Demonstrated growth mindset, passionate about continuous learning Experience mentoring or guiding other engineers Benefits Flexible benefits fund Emergency leave days Adoption leave 28 days annual leave (plus bank holidays) Pension Life cover Private medical insurance Parental leave Education assistance program Equal Opportunity & Background Checks AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. All successful applicants will undergo a drug screening and comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.

Identity & Access Engineer (IAM) - Manchester Based (3 Days Hybrid) About Finova Finova is the UK's largest financial services technology provider, supporting one in every five mortgages nationwide. Our agile, cloud-native solutions enable over 60 banks, building societies, specialist lenders, equity release providers and a network of 2,400+ brokers to stay ahead in a competitive market. Built on open architecture and backed by deep industry expertise, our platform is designed to scale. Each year, we process over £50 billion in loans, manage nearly £50 billion in savings, and support the digital servicing of more than 650,000 UK borrower accounts. Be part of a team that's driving innovation, enabling growth and shaping the future of UK lending. About the Role Finova is seeking a seasoned IAM Specialist to own the design and implementation of identity, access, and entitlements across a multi-cloud SaaS fintech platform. Core Responsibility: Translate architectural choices into practical, automated, and secure IAM implementations spanning workforce, customer, and machine identities. The Stack: Multi-cloud infrastructure across AWS, Azure, and GCP. Applications run on .NET with SQL Server-backed role systems. Key Challenge: Enforce tenant isolation and strict least-privilege to satisfy regulators, while defining cutting-edge access boundaries for AI pipelines, vector databases, and automated decision engines. Work Model: A highly collaborative, hands-on hybrid role. You will balance high-level access modeling with day-to-day configuration, such as writing OPA Rego rules or configuring Azure AD Conditional Access policies. About You You are a highly analytical identity purist who recognizes that in a modern cloud ecosystem, identity is the actual security perimeter. You bridge the gap between application engineering, cloud infrastructure, and regulatory audit, acting as the subject matter expert on who-and what-has access to everything. Key Attributes The Structural Architect: You enjoy mapping complex business roles into clean, automated framework permissions, avoiding the technical debt of "privilege creep." Code-Driven Security Advocate: You prefer policy-as-code over manual UI configurations, favoring auditable git repositories and continuous testing for authorization logic. Pragmatic Problem Solver: You understand that security fails if it creates friction, meaning you are constantly looking for ways to use JIT elevation, automated provisioning, and SSO to make access seamless yet secure. Rigorous Guard of Boundaries: You possess an uncompromising eye for isolation details, instinctively knowing how to defend against cross-tenant data leaks and broken access controls. Experience: 4-6 years in IAM, security engineering, or identity-focused cloud engineering with hands-on enterprise deployment experience. Entra ID Expertise: Deep practical knowledge of Azure AD (Entra ID), encompassing app registrations, Conditional Access, PIM, and federation configurations. Multi-Cloud Competency: Hands-on experience with at least two major cloud providers (AWS IAM, Azure RBAC, or GCP IAM) and operational familiarity with all three. Application & DB IAM: Experience implementing RBAC/ABAC models within .NET applications (Claims, ASP.NET Identity) alongside practical SQL Server access management (roles, RLS, data masking). Federation Protocols: Strong capabilities with SAML 2.0, OIDC, OAuth 2.0, and SCIM provisioning workflows. Policy-as-Code Skills: Experience writing, testing, and deploying authorization policies (OPA/Rego, Azure Policy, or AWS SCPs) directly within a CI/CD pipeline. Modern IAM Tooling: Familiarity with PIM/PAM, CIEM concepts, secretless DevOps access patterns (OIDC-based pipeline identity), and secrets managers (Azure Key Vault, HashiCorp Vault). SaaS Architecture Intuition: A strong understanding of multi-tenancy, with the ability to easily identify missing tenant contexts or authorization bypass vulnerabilities. Communication: Ability to articulate complex identity structures and compliance mandates clearly to developers, architects, and non-technical auditors alike. Nice-to-Have Fintech Experience: Prior experience navigating IAM in highly regulated domains like banking, payments, or insurance. CIEM/IGA Platforms: Familiarity with platforms like Microsoft Entra Permissions Management, Ermetic, SailPoint, or Saviynt. AI Infrastructure Security: Experience building access controls explicitly tailored for model training environments, feature stores, or LLM integrations. Certifications: SC-300 (Microsoft Identity Administrator), AWS Security Specialty, AZ-500, CISSP, or CCSP. Automation Scripting: Competency in PowerShell or Python for automating access reviews, reporting, and IAM operations. Zero Trust Strategy: Understanding of broader Zero Trust architectures, integrating device compliance and network trust factors with core identity decisions. What Will You Be Doing? Identity Architecture & Federation Platform Architecture: Design and implement the identity framework across workforce (employees/contractors), customer (tenant users/admins), and machine identities (services/AI pipelines). Primary IdP Management: Configure and manage Azure AD (Entra ID) tenant structures, app registrations, Conditional Access policies, and directory sync. Enterprise Federation: Implement SAML 2.0, OIDC, and WS-Federation patterns to smoothly onboard customer-managed IdPs like Okta, Ping, and ADFS for enterprise SSO. Automated Provisioning: Design and operate SCIM-based provisioning and deprovisioning workflows to automate user lifecycles across SaaS tenants. Multi-Cloud Mapping: Map Azure AD identities to AWS IAM roles and GCP Workforce Identity Federation to maintain a cohesive, centralized access model. Privileged Access & Entitlements Management PIM/PAM Operations: Implement Just-In-Time (JIT) access, time-bound elevation, and multi-stage approval workflows for sensitive administrator roles. CIEM Right-Sizing: Utilize Cloud Infrastructure Entitlements Management concepts to monitor and reduce standing privileges or over-entitled accounts across AWS, Azure, and GCP. Access Certification: Build automated entitlement review campaigns so business managers can attest to access appropriateness with minimal friction. Break-Glass Procedures: Establish emergency access workflows equipped with automated expiration, full audit trails, and post-incident review requirements. Application-Level Access Control (RBAC / ABAC) Layered Enforcement: Design access models that cross multiple enforcement boundaries, including ASP.NET middleware, API gateways, and SQL Server database layers. Claims Mapping: Maintain the mapping between business roles, ASP.NET Identity/Claims, and database-level permissions (such as SQL Server roles and Row-Level Security). Tenant Isolation: Enforce tenant-scoped RBAC to ensure roles and claims are strictly bound to tenant context, architecturally preventing cross-tenant privilege escalation. Policy-as-Code: Write Open Policy Agent (OPA) / Rego policies to centralize fine-grained authorization, utilizing version control, automated testing, and staged rollouts in CI/CD. Multi-Cloud IAM Operations Cloud Hardening: Manage cloud-native IAM mechanisms, including AWS SCPs and Permission Boundaries; Azure RBAC and Managed Identities; and GCP Organization Policy Constraints. Least-Privilege Verification: Use automated tooling (permission analyzers, simulation tools) to discover and eliminate unused access before deployments go live. Machine Identities: Enforce short-lived credentials, workload identity federation, and secretless patterns for service accounts and machine-to-machine authentication. DevOps & SQL Infrastructure Access Pipeline Security: Secure access to CI/CD pipelines (Azure DevOps, GitHub Actions), artifact registries, and IaC codebases using federated workload identity (OIDC) rather than static keys. SQL Governance: Manage SQL Server database role hierarchies, schema-level permissions, Row-Level Security (RLS) policies, dynamic data masking, and Always Encrypted structures. Database DevOps: Design access controls for migration tools, analytics queries, and read-replicas to empower engineering velocity without providing permanent production database access. Database Auditing: Implement and monitor database audit logs to track privileged queries, schema alterations, and potential anomalous data access. AI & ML Pipeline Access Control Workload Identity: Ensure model training jobs, feature pipelines, and serving endpoints utilize scoped, short-lived credentials to access data. AI Component Protection: Define and implement access controls for vector databases, feature stores, and model registries to secure training datasets and model artifacts. Endpoint Authorization: Establish strict authorization policies controlling which roles or tenants can invoke AI endpoints, minimizing AI service account permissions. Data Boundary Enforcement: . click apply for full job details

Company Overview Starling is the UK's first and leading digital bank on a mission to fix banking! We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 4,000 people across our London, Southampton, Cardiff and Manchester offices. Our technologists are at the very heart of Starling and enjoy working in a fast paced environment that is all about building things, creating new stuff, and disruptive technology that keeps us on the cutting edge of fintech. We operate a flat structure to empower you to make decisions regardless of what your primary responsibilities may be, innovation and collaboration will be at the core of everything you do. Help is never far away in our open culture, you will find support in your team and from across the business, we are in this together! The way to thrive and shine within Starling is to be a self driven individual and be able to take full ownership of everything around you: From building things, designing, discovering, to sharing knowledge with your colleagues and making sure all processes are efficient and productive to deliver the best possible results for our customers. Our purpose is underpinned by five Starling values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Starling - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. In Technology, we're asking that you attend the office a minimum of 1 day per week. About the Role and Opportunity We're open minded when it comes to hiring and we care more about aptitude and attitude than specific experience or qualifications. The opportunity is to develop and deliver your managerial and leadership skills within the Cyber security group, we recognise that an individual's professional development, strengths and preferences will change over time and so will the demands and opportunities within the bank. We value people being engaged and caring about customers, caring about the code they write or the business systems and processes they develop to make Starling Secure. Essential Hands on experience with enterprise grade security tooling. Experience of delivering technology solutions in a highly regulated environment. Proven experience in IAM leadership with end to end exposure to identity governance and access management. Strong Knowledge of IAM principles and frameworks (e.g RBAC, PAM, SSO, MFA, Zero Trust). Demonstrated ability to lead and inspire cross functional teams. Design, development (including scripting and configuration) and continuous improvement of security solutions. Track record of delivery and service improvement. Strong communication and interpersonal skills including the ability to explain complex security concepts to technical and non technical audiences. Strong general Cyber Security domain knowledge, including Cloud security. Desirable Programming skills e.g. Python, Go, Java, Rust. Experience with security control frameworks such as NIST CSF, CIS benchmarks, ISO27001, SOC2. Demonstrated leadership in managing a technical team, providing support across operations, projects, and engineering. Experience implementing IAM solutions in hybrid or multi cloud environments. Experience of design and delivery related to Identity Management Systems, e.g. Okta, EntraID, Ping, etc. Experience of design and delivery related to Identity Governance Systems, e.g. Sailpoint, Saviynt, ConductorOne, etc. Experience with automation and developer tooling (CI/CD) and Infrastructure as Code. Understanding of best practice credential management practices. Understanding of modern authentication technologies, their application and strengths/drawbacks. Strong identity knowledge, including Privileged Access Management, Role Based Access Control and Identity Governance. Excellent verbal and written communication skills. Responsibilities Lead, mentor and develop the IAM team, building technical capability and strong stakeholder relationships. Contribute to and execute the IAM roadmap with the Information Security Lead - Identity and Access Management, ensuring alignment with business, compliance and security objectives. Oversee the full IAM lifecycle including identity governance, privileged access management, authentication, and authorisation. Ensure access controls, policies, processes and procedures meet regulatory, audit, and security requirements. Drive modernisation initiatives such as zero trust, adaptive authentication and cloud based IAM. Collaborate with the wider business functions to embed IAM across enterprise services. Provide reporting and insights into IAM programme health, risks, and progress for senior leadership. Organise and manage the team to ensure operational coverage and that staff are appropriately skilled. Responsible for the delivery of resilient Identity and Access Management services to the Bank. This includes both processes and technologies covering Identity Management, Authentication and Identity Governance. Responsible for the processes and controls governing access to COTS and bespoke Banking tooling, including Role Based Access Control. Collaborate with engineering and business teams to facilitate delivery, including: Review and analysis of proposed technical solutions and business processes to identify appropriate security controls. Input and guidance to security related technical architecture and design decisions. Code review of features and critical security components. Advising on remediation of security issues and processes to address root causes. Develop policies, standards, processes, guidelines, and documentation for consumption by internal teams. Triage and management of IAM security events including, where necessary, participation in IAM security incident management. Benefits 25 days holiday (plus take your public holiday allowance whenever works best for you). An extra day's holiday for your birthday. Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off. 16 hours paid volunteering time a year. Salary sacrifice, company enhanced pension scheme. Life insurance at 4x your salary & group income protection. Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton. Generous family friendly policies. Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks. Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing. Equal Opportunity Employer Starling Bank is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Starling Bank are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice.

London, United Kingdom Posted on 07/06/2026 Engagement:Inside IR35 Start Date:ASAP Overview We are supporting a leading investment banking client in London who is seeking an experiencedCyber Technical Delivery Managerto join a large-scale Cyber Security Transformation Programme. This role will be responsible for the successful delivery of complex cyber security initiatives across multiple technology domains, including Identity & Access Management (IAM), Security Operations, Cloud Security, Vulnerability Management, Data Protection, and Regulatory Compliance. The successful candidate will act as the bridge between technical engineering teams, cyber security stakeholders, business leaders, and third-party vendors, ensuring projects are delivered on time, within budget, and in line with regulatory and security requirements. Key Responsibilities Lead the end-to-end delivery of cyber security projects and workstreams. Develop and maintain project plans, milestones, RAID logs, budgets, and resource plans. Ensure delivery aligns with business objectives, security standards, and regulatory requirements. Manage dependencies across multiple technology and business teams. Drive project governance and reporting activities. Cyber Security Delivery Deliver initiatives across: Identity & Access Management (IAM) Privileged Access Management (PAM) Security Operations (SOC) SIEM Platforms Cloud Security Vulnerability Management Data Protection and DLP Security Monitoring and Threat Detection Secure File Transfer and Encryption Programmes Coordinate technical teams to ensure successful implementation of security controls and technologies. Stakeholder Management Engage with senior stakeholders across Cyber Security, Infrastructure, Cloud, Risk, Compliance, and Business Functions. Provide regular programme updates to senior management and governance forums. Manage relationships with third-party suppliers and technology vendors. Facilitate workshops, steering committees, and technical review sessions. Identify, manage, and mitigate project risks and issues. Ensure compliance with internal security policies and regulatory frameworks. Support audit, risk, and compliance activities. Track and report programme KPIs and delivery metrics. Requirements Required Skills & Experience Cyber Security Experience Strong understanding of enterprise cyber security principles and controls. IAM and Access Governance PAM Solutions SIEM and Security Monitoring Vulnerability Management Data Protection Security Compliance Programmes Familiarity with security frameworks and standards such as: NIST ISO 27001 CIS Controls Cyber Essentials Regulatory requirements within Financial Services Technical Knowledge Good understanding of: Microsoft Azure AWS Active Directory / Entra ID Security Monitoring Platforms Identity Management Solutions Network and Infrastructure Security Ability to engage effectively with technical architects, engineers, and security specialists. Delivery Management Proven experience delivering complex technology or cyber programmes within large enterprise environments. Strong project and programme management experience. Experience managing multiple workstreams simultaneously. Excellent RAID management and governance skills. Strong budget and financial management experience. Previous experience working within Investment Banking, Banking, or Financial Services. Experience delivering cyber security transformation programmes. Experience operating within regulated environments. Strong stakeholder management skills with the ability to engage at Executive and C-Level. Experience managing third-party suppliers and system integrators. Experience with: Microsoft Sentinel Splunk SailPoint CyberArk Okta CrowdStrike Microsoft Defender Suite Knowledge of DevSecOps practices. Exposure to cloud migration and security transformation programmes. Experience supporting regulatory remediation initiatives. Qualifications & Certifications One or more of the following would be advantageous: PMP CISSP CISM CISA CRISC Personal Attributes Strong leadership and organisational skills. Excellent communication and presentation abilities. Ability to influence stakeholders at all levels. Strong analytical and problem-solving mindset. Ability to operate effectively in fast-paced, complex environments. Self-motivated with a strong focus on delivery and outcomes. Successful delivery of cyber security projects and workstreams. Effective management of risks, issues, and dependencies. Timely implementation of security controls and technologies. Improved cyber security posture and compliance alignment. High-quality governance reporting and stakeholder engagement.

Cyber Technical Delivery Manager Location: London (Hybrid - 4 Days per Week Onsite) Contract Length:12 Months Engagement:Inside IR35 Industry:Investment Banking / Financial Services Start Date:ASAP Overview We are supporting a leading investment banking client in London who is seeking an experienced Cyber Technical Delivery Manager to join a large-scale Cyber Security Transformation Programme. This role will be responsible for the successful delivery of complex cyber security initiatives across multiple technology domains, including Identity & Access Management (IAM), Security Operations, Cloud Security, Vulnerability Management, Data Protection, and Regulatory Compliance. The successful candidate will act as the bridge between technical engineering teams, cyber security stakeholders, business leaders, and third-party vendors, ensuring projects are delivered on time, within budget, and in line with regulatory and security requirements. Key Responsibilities Programme & Project Delivery Lead the end-to-end delivery of cyber security projects and workstreams. Develop and maintain project plans, milestones, RAID logs, budgets, and resource plans. Ensure delivery aligns with business objectives, security standards, and regulatory requirements. Manage dependencies across multiple technology and business teams. Drive project governance and reporting activities. Cyber Security Delivery Deliver initiatives across: Identity & Access Management (IAM) Privileged Access Management (PAM) Security Operations (SOC) SIEM Platforms Cloud Security Vulnerability Management Data Protection and DLP Security Monitoring and Threat Detection Secure File Transfer and Encryption Programmes Coordinate technical teams to ensure successful implementation of security controls and technologies. Stakeholder Management Engage with senior stakeholders across Cyber Security, Infrastructure, Cloud, Risk, Compliance, and Business Functions. Provide regular programme updates to senior management and governance forums. Manage relationships with third-party suppliers and technology vendors. Facilitate workshops, steering committees, and technical review sessions. Risk & Governance Identify, manage, and mitigate project risks and issues. Ensure compliance with internal security policies and regulatory frameworks. Support audit, risk, and compliance activities. Track and report programme KPIs and delivery metrics. Requirements Required Skills & Experience Cyber Security Experience Strong understanding of enterprise cyber security principles and controls. Experience delivering projects involving: IAM and Access Governance PAM Solutions SIEM and Security Monitoring Cloud Security Endpoint Security Vulnerability Management Data Protection Security Compliance Programmes Familiarity with security frameworks and standards such as: NIST ISO 27001 CIS Controls Cyber Essentials Regulatory requirements within Financial Services Technical Knowledge Good understanding of: Microsoft Azure AWS Active Directory / Entra ID Security Monitoring Platforms Identity Management Solutions Network and Infrastructure Security Ability to engage effectively with technical architects, engineers, and security specialists. Delivery Management Proven experience delivering complex technology or cyber programmes within large enterprise environments. Strong project and programme management experience. Experience managing multiple workstreams simultaneously. Excellent RAID management and governance skills. Strong budget and financial management experience. Essential Experience Previous experience working within Investment Banking, Banking, or Financial Services. Experience delivering cyber security transformation programmes. Experience operating within regulated environments. Strong stakeholder management skills with the ability to engage at Executive and C-Level. Experience managing third-party suppliers and system integrators. Desirable Skills Experience with: Microsoft Sentinel Splunk SailPoint CyberArk Okta CrowdStrike Microsoft Defender Suite Knowledge of DevSecOps practices. Exposure to cloud migration and security transformation programmes. Experience supporting regulatory remediation initiatives. Qualifications & Certifications One or more of the following would be advantageous: PRINCE2 Practitioner PMP Agile Practitioner / Scrum Certification CISSP CISM CISA CRISC Personal Attributes Strong leadership and organisational skills. Excellent communication and presentation abilities. Ability to influence stakeholders at all levels. Strong analytical and problem-solving mindset. Ability to operate effectively in fast-paced, complex environments. Self motivated with a strong focus on delivery and outcomes. Key Deliverables Successful delivery of cyber security projects and workstreams. Effective management of risks, issues, and dependencies. Timely implementation of security controls and technologies. Improved cyber security posture and compliance alignment. High quality governance reporting and stakeholder engagement.

IGA Consultant Jobs in UK 2026 (GBP 80,000 to 100,000) Cybersecurity and identity management professionals seeking high paying opportunities in the United Kingdom can consider this Senior IGA Consultant position in London. This role offers visa sponsorship, competitive compensation, and the opportunity to work on enterprise scale identity and access management projects. Successful candidates will contribute to innovative security solutions while supporting major organisations in strengthening their identity governance frameworks. About the Role The Senior IGA Consultant will design, implement, and optimize Identity Governance and Administration solutions for enterprise clients. Depending on experience, candidates may join at either Senior Engineer or Architect level. The role focuses heavily on SailPoint technologies and requires close collaboration with stakeholders to deliver secure and scalable identity management solutions. Additionally, the successful candidate will support authentication initiatives, oversee identity lifecycle processes, and contribute to security best practices. This position combines technical expertise, consulting experience, and strategic problem solving within a rapidly evolving cybersecurity landscape. Job Duties Design and deliver Identity Governance and Administration solutions. Implement identity lifecycle management processes across organisations. Support joiner, mover, and leaver workflow implementation. Develop role based access control and segregation of duties frameworks. Configure certification and access review processes. Integrate identity platforms with business applications and directories. Support authentication initiatives including single sign on solutions. Implement multi factor authentication and passwordless technologies. Collaborate with stakeholders to gather business requirements. Produce technical documentation and implementation guides. Troubleshoot complex identity and access management issues. Mentor junior consultants and support knowledge sharing initiatives. Job Requirements Strong hands on experience with SailPoint platforms is required. Knowledge of IdentityNow, IdentityIQ, or SailPoint ISC is essential. Strong understanding of IAM and IGA concepts and frameworks. Experience with SSO, MFA, and identity federation technologies. Knowledge of Microsoft Entra ID or Azure Active Directory. Experience with LDAP, SAML, and OAuth protocols. Integration experience using REST, SCIM, or JDBC technologies. Experience working in client facing consulting environments. Strong communication and stakeholder management abilities. Cloud identity management experience is advantageous. Architect level applicants should possess solution design leadership experience. Competitive compensation, visa sponsorship, and professional development opportunities are offered.

Enterprise IAM Architect, GlobalLocation: can be based in one of our AIG offices in London (UK), Dublin (Ireland), Reston, VA (USA), or Charlotte, NC (USA)Make your mark in Information TechnologyAt AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Security Office (ISO) works closely with the Information Technology (IT) team equipping our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company's systems from security risks, while designing technology strategies that enable AIG's businesses to achieve their goals. Innovation in IT drives innovation across the organization.How you will create an impactThe Enterprise IAM Architect is accountable for defining and governing the enterprise Identity and Access Management (IAM) target state and shaping the transformation portfolio required to achieve it. This role sits within the Information Security Office (ISO), within the Enterprise Security Architecture function, focusing on process design, risk reduction, control effectiveness, and measurable business value.AIG currently operates an identity ecosystem that includes (as representative examples) technologies such as Microsoft Entra ID, hybrid Active Directory, Okta (Workforce and Customer Identity), SailPoint IdentityIQ (IIQ), Microsoft Intune, Windows Hello for Business, and HYPR. These are examples of the current operating environment; however, the role is not product-bound and is expected to remain outcome- and value-led.Delivery & Engagement ModelIAM delivery execution is managed through the ISO Program Management Office (PMO) in partnership with the relevant engineering, operational teams (e.g. IAM, security, infrastructure, and applications) and the business. This role shapes and governs delivery by defining architectural intent, control outcomes, sequencing, and design governance-ensuring initiatives remain aligned to roadmap objectives and value/risk outcomes.The Global, Enterprise IAM Architect will focus on group managed entities (e.g. US, EMEA and UK) and will support and guide the non-group managed entities (e.g. Israel, China).Strategic AccountabilityYou will be accountable for:Defining and maintaining the workforce IAM and customer IAM (CIAM) strategy and target-state architectureDeveloping and governing multi-year roadmaps, including transition states and sequencingWorking with other domain leads and architects to define IAM-related projects and transformation initiativesTranslating capability gaps and risk exposure into structured, fundable initiatives aligned to enterprise prioritiesEstablishing outcome measures and architectural guardrails to ensure initiatives deliver measurable risk and control improvementsProviding architectural governance and approval for identity-related initiatives, including standards, patterns, design reviews, and exception managementEnsuring alignment with wider enterprise security architecture direction, risk appetite, and regulatory obligationsOwned AccountabilityIn collaboration with other domain leads, architects, delivery stakeholders, operations, engineering and the ISO PMO, you own the development of identity-related project and program charters, including:Strategic rationale and business justificationRisk reduction objectives and control outcomesScope boundaries, assumptions, and architectural intentSuccess metrics and measurable value realizationDependencies, sequencing, and transition planningAlignment to enterprise portfolio/funding governance processesYou will ensure initiatives are well-framed, justifiable, architecturally coherent, and outcome-based before entering execution.Core ResponsibilitiesIdentity & Access Architecture & Control DesignDefine the workforce IAM and CIAM target state architectures, controls, standards, principles, and design patternsDevelop identity response strategies for emerging technologies, including IAM implications for Agentic AI and autonomous systems (e.g. non-human identities)Authentication & Endpoint-Integrated IdentityDefine and steer phishing-resistant and passwordless strategy (e.g., FIDO2/WebAuthn, device-bound authentication, platform authenticators)Define endpoint-integrated trust models in partnership with endpoint/EUC teams (e.g., Intune device posture, compliant device enforcement, conditional access integration)Technology Optimization, Value Realization & ROSIAs part of ongoing architecture governance, continuously evaluate and re-evaluate identity technologies and investments to maximise Return on Security Investment (ROSI), drive cost efficiency, identify optimisation opportunities, and ensure spend is aligned to measurable risk and control outcomesEnsure business cases and charters quantify expected value (risk reduction, incident reduction, operational efficiencies, productivity improvements, audit outcomes)IAM Sourcing & Operating ModelPlay an active role in defining and shaping the IAM sourcing approach and operating modelDefine architecture-led evaluation criteria and control outcomes to support build/buy/partner decisionsDefine and validate service boundaries, accountabilities (RACI), and governance forumsShape system integrator and managed service engagement models (where applicable) to ensure quality, control effectiveness, auditability, and sustainable run-state operationsGovernance & Partner OversightProvide architectural oversight of system integration partners and consultancies, validating deliverables and ensuring alignment to enterprise standards and target-state intentEnsure alignment to enterprise security architecture frameworks (e.g., SABSA, TOGAF) and industry frameworks (e.g., NIST, ISO/IEC), producing audit-defensible designsRequired Experience and Qualificationsin depth experience in cybersecurity and/or identity architecture (IAM/CIAM), including enterprise-scale transformationProven experience defining enterprise IAM/CIAM strategy, target-state architecture, and roadmapsDemonstrable experience shaping initiatives and developing project/program charters for portfolio governance and fundingExperience working effectively with PMO/program governance functionsExperience working with system integrators and consultancies, including architectural oversight and design authority engagementStrong knowledge of workforce and/or customer identity platforms and controls-examples include Entra ID, hybrid AD, Intune, Windows Hello for Business, Okta, SailPoint IIQ, HYPR (or equivalent)Knowledge of industry frameworks (NIST, ISO/IEC) and control-driven design in regulated environmentsStrong stakeholder management and executive communication skills (risk/value trade-offs, decision support, influencing without direct authority)Core CompetenciesMastery level knowledge of workforce IAM and customer IAMExperience of defining defendable / resilient security architecturesRisk- and controls-driven architecture with measurable outcomesTechnology-agnostic judgement; capability-first designROSI-led decision making and value realization thinkingGovernance and design authority leadershipCross-functional influence without direct delivery ownershipExecutive communication and facilitation of decisions and trade-offs AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.Enjoy benefits that take care of what mattersAt AIG, our people are our greatest asset. We know how important it is to protect and invest in what's most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security-as well as your professional development-to bring peace of mind to you and your family.Reimagining insurance to make a bigger difference to the worldAmerican International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world's most far-reaching property casualty networks. It is an exciting time to join us - across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.Welcome to a culture of inclusionWe're committed to creating a culture that truly respects and celebrates each other's talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG's greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to Area:IT - Information TechnologyAmerican International Group UK Limited, Ireland Branch & AIG Europe S.A. (Ireland Branch)

Saviynt's AI-powered identity platform manages and governs human and non-human access to all of an organization's applications, data, and business processes. Customers trust Saviynt to safeguard their digital assets, drive operational efficiency, and reduce compliance costs. Built for the AI age, Saviynt is today helping organizations safely accelerate their deployment and usage of AI. Saviynt is recognized as the leader in identity security, with solutions that protect and empower the world's leading brands, Fortune 500 companies and government institutions. Due to the nature of the UK Government projects this role supports, this position is classified as a Reserved Post. In accordance with the Civil Service Nationality Rules, paragraph 1 of Schedule 23 and paragraph 5 of Schedule 22 of the Equality Act 2010, we can only accept applications from persons with UK residency (at least five years). Successful candidates must undergo National Security Vetting (NSV). This role requires Security Check SC level clearance as a minimum. Any offer of employment is strictly conditional upon the candidate successfully obtaining and maintaining this clearance. To meet the vetting criteria, you will be required to have been resident in the UK for a minimum of 5 years immediately prior to your application. Failure to obtain clearance or a lapse in residency history may result in the withdrawal of the employment offer, and you will not be entitled to any compensation from Saviynt as a result. In line with the Immigration, Asylum and Nationality Act 2006, all shortlisted candidates will be required to provide original documentation verifying their Right to Work in the UK and their British Citizenship during the initial interview stage. We conduct thorough Baseline Personnel Security Standard (BPSS) checks as a precursor to all higher-level clearances. WHAT YOU WILL DO Communicate with end users and business stakeholders to clearly explain reported issues, impact, and recommended solutions Perform in-depth technical analysis for production incidents, including resolution and root cause analysis (RCA) Publish knowledge articles for incidents and service requests; create and maintain technical documentation and standard operating procedures (SOPs) Identify, debug, and troubleshoot break-fix issues through to full resolution Respond to and resolve issues within agreed service-level agreements (SLAs) Work closely with Engineering and DevSecOps teams to support IAM and CPAM service offerings Identify recurring issues and contribute to automation, runbooks, and knowledge reuse to improve operational efficiency WHAT YOU BRING Strong domain expertise in Identity and Access Management (IAM) Hands-on experience configuring and deploying one or more IAM tools such as Saviynt, SailPoint, Oracle Identity Manager (OIM), or IBM ISIM Experience invoking REST/SOAP web services using tools like Postman Database experience, including SQL and database operations Strong hands-on scripting experience (e.g., Shell, JavaScript, Python, Groovy) Working knowledge of operating systems such as Linux, Unix, and Windows Prior experience with integrations, and provisioning workflows across enterprise target system Experience working with global customers and a strong customer-first mindset Excellent written and verbal communication skills Minimum 2 years of experience implementing or supporting IAM / IGA or related solutions RESPONSIBILITIES FOR SECURITY & COMPLIANCE (IF REQUIRED) If required for this role, you will: Complete security & privacy literacy and awareness training during onboarding and annually thereafter Review (initially and annually thereafter), understand, and adhere to Information Security/Privacy Policies and Procedures such as: Data Classification, Retention & Handling Policy Incident Response Policy/Procedures Business Continuity/Disaster Recovery Policy/Procedures Mobile Device Policy Account Management Policy Access Control Policy Personnel Security Policy Privacy Policy Saviynt is an amazing place to work. We are a high-growth, Platform as a Service company focused on Identity Authority to power and protect the world at work. You will experience tremendous growth and learning opportunities through challenging yet rewarding work which directly impacts our customers, all within a welcoming and positive work environment. If you're resilient and enjoy working in a dynamic environment you belong with us! Saviynt is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

IAM Engineer Position Description At CGI, we help clients strengthen their cyber resilience through secure, scalable identity and access management solutions that protect critical systems and enable business transformation. As an IAM Engineer, you will play a key role in delivering privileged access and identity governance capabilities across complex hybrid environments, helping organisations adopt modern security models while improving operational efficiency and compliance. Working alongside experienced cyber professionals, you'll have the opportunity to shape secure access strategies, contribute innovative ideas, and take ownership of high impact solutions using leading technologies including CyberArk, Microsoft Entra, and cloud based IAM platforms. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This is a hybrid position. Responsibilities Design, implement, support privileged access and identity governance solutions to strengthen security across enterprise environments. Work closely with security architects, infrastructure teams, and business stakeholders to deliver secure, scalable IAM capabilities that align with organisational and regulatory requirements. Leverage expertise in CyberArk and Microsoft Entra to modernise access controls, improve identity lifecycle management, and support Zero Trust security initiatives. Deliver innovative IAM solutions across hybrid and cloud environments, taking ownership of technical integrations, automation, and continuous improvement activities. Design & deliver secure privileged access management solutions using CyberArk PAS, EPV, PSM, and Privileged Cloud. Integrate and enhance IAM capabilities across enterprise platforms and cloud services. Support and optimise Microsoft Entra services including SSO, Conditional Access, and PIM. Develop and automate IAM workflows and integrations using PowerShell and APIs. Improve and govern identity lifecycle processes including Joiner/Mover/Leaver workflows and access certifications. Collaborate and advise on security architecture and modern access management strategies. Contribute and innovate within Zero Trust and cloud security transformation initiatives. Monitor and resolve IAM-related issues, ensuring secure and reliable service delivery. Required Qualifications Strong hands on experience with CyberArk PAS, EPV, and PSM. Proven experience with CyberArk Privileged Cloud including SIA and SCA. CyberArk Certified Delivery Engineer (CDE) certification. Strong understanding of IAM principles including RBAC, least privilege, and JML processes. Experience integrating CyberArk with enterprise systems and applications. Expertise in security architecture and IAM solution design within complex environments. Strong experience with Microsoft Entra (Azure AD), including SSO, Conditional Access, and PIM. Experience with IGA platforms such as SailPoint or Saviynt. Strong scripting and automation capability using PowerShell and APIs. Desirable Skills Knowledge of Zero Trust and modern access management models. Experience across cloud platforms including Azure, AWS, and GCP. Broader cyber security certifications such as CISSP or CCSP. Benefits Competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee.

CyberArk Engineer Position Description Trusted to see the whole picture If you're ahead of the game on cyber security, systems and operations risk we can secure your career ambitions. We are looking for an experienced and highly skilled CyberArk Engineer to join our team. The ideal candidate will have a strong track record in deploying and integrating CyberArk solutions, particularly in secure environments. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance. Responsibilities This role requires deep knowledge of Identity and Access Management (IAM) and the ability to operate effectively within complex infrastructures. Experience with broader IAM solutions, such as Identity Governance and Administration (IGA) and cloud-native or standalone access control systems, is a plus. Qualifications Proven track record as a CyberArk Engineer with hands on experience in deploying, integrating, and managing CyberArk solutions. Certifications: Certified Delivery Engineer (CDE) CyberArk Expertise: Extensive experience in deploying and integrating CyberArk solutions with various targets, including but not limited to: Active Directory LDAP directories Network appliances Databases Technical Proficiency: In-depth knowledge of CyberArk's suite of products, including: Privileged Access Security (PAS) Enterprise Password Vault (EPV) Privileged Session Manager (PSM) Integration Experience: Strong understanding of how to integrate CyberArk with other security tools and infrastructure components. IAM Solutions: Experience in deploying broader IAM solutions such as IGA (e.g. Sailpoint) and other access control systems. A proven ability to define and implement IAM strategies in large-scale infrastructures. Advantageous Skills Cybersecurity certifications, such as CISSP or CCSP. Familiarity with regulatory and compliance requirements in secure environments.