Senior Identity Access Management (IAM) Engineer - Identity Governance

  • Jobtailor
  • Edinburgh, Midlothian
  • 11/07/2026
Full time Information Technology Telecommunications

Job Description

Responsibilities
  • Design automations/workflows and manage identity governance and assurance (IGA) controls and platforms to support user provisioning, deprovisioning, access requests and UARs/access recertifications.
  • Implement automation for these processes, streamline the end user experience and internal IT provisioning/entitlement processes, and utilize AI for efficiency where possible.
  • Design, manage and mature role-based access control (RBAC) to enforce least privilege access so that each user and device gains access only to the specific applications or data necessary for their roles, limiting exposure and minimizing the risk of data breaches or unauthorized access.
  • Develop, validate, and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for IGA team technologies and processes.
  • Investigate and respond to identity-related incidents, violations, and anomalous access behavior identified in IGA monitoring and reporting systems.
  • Continuously monitor data access activity, identify potential security risks, and maintain a clear audit trail of data access events.
  • Collaborate with IT, HR and other business partners to develop, refine, automate and streamline identity lifecycle processes (joiner/mover/leaver provisioning, de-provisioning), and establish birthright entitlement structures and mature identity verification processes.
  • Collaborate across compliance and IT teams to align Identity Governance with regulatory requirements (e.g., SOX, CMM, TISAX, HIPAA).
  • Promote adherence to Information Security Policies and participate in ongoing updates to policies as needed for alignment with IDAM technology roadmaps and capabilities and/or to address Information Security risks.
  • Monitor and remediate orphan accounts, access violations, and segregation of duties (SoD) conflicts.
  • Troubleshoot identity-related issues and provide Tier 3 support for Cyber Identity-related incidents.
  • Automate workflows using PowerShell, Python, or similar scripting languages.
  • Participate in ongoing auditing and risk assessments, and implement audit recommendations.
  • Work with Cyber Identity Governance team members to manage all aspects of the User Access Review (UAR) process for enterprise-supported access programs, including regulatory environments/applications; plan and execute quarterly UARs and mature the automation around these processes.
  • Ensure all evidence of authorization is documented and archived according to internal standards.
  • Identify and engage with participating system partners across the company to ensure readiness and engagement for regular UARs.
  • Produce and maintain data reporting, analysis, dashboards and scorecards in support of overall UAR health, execution, and closure.
  • Collaborate with IT IAM leads and IT business managers to understand new business requirements and design solutions that align with enterprise policy, standards and industry best practices for identity security.
  • Directly support the Delinea PAM platform architecture and configuration, successful migration to Delinea's SAAS platform, and support for on-prem instances in regulated enclaves.
  • Ensure Privileged Roles are managed to policy and standards, and comply with regulatory obligations (SOX, CMMC, TISAX, HIPAA, etc.).
  • Continue to support and refine technical PAM solutioning that aligns to enterprise architecture strategies and current state environments, supporting various business use cases and proactively defend against evolving security risks.
  • Develop, validate, and maintain detailed documentation on SOPs, system configurations, and technical settings for internal team use, end-user support, and other business teams as needed.
  • Stay current with emerging IAM, PAM and IGA technologies, industry security best practices and regulatory compliance changes which would introduce new identity-specific control requirements.
Requirements
  • Bachelor's degree in Cybersecurity, Computer Science, or related field.
  • Minimum 7-9 years of experience, 10+ preferred, within IT, IAM or Cyber Security, with hands-on experience in Identity and Access Management or related security roles.
  • Minimum of 5 years working with common industry IGA solutions (e.g., SailPoint, Saviynt) including application onboarding, development and configurations of identity workflows and automations.
  • Understanding of Privileged Access Management (PAM) and Identity Management/IAM Governance principles.
  • Knowledge of Active Directory, Microsoft Entra, LDAP, Redhat Identity solutions and SSO including deployment, administration, and troubleshooting.
  • Hands-on experience with IGA tools (e.g., SailPoint, Saviynt).
  • Hands-on experience with Privileged Access Management Solutions (particularly Delinea). This includes deployment, integrations, engineering, and adoption strategies of PAM for large-scale enterprises, including secrets key management on multi-cloud environments (AWS / Azure), DevOps and orchestration platforms.
  • Strong understanding of identity lifecycle, RBAC, policy-based access controls.
  • Strong understanding of Active Directory, Azure AD/Entra, Group Policy and cloud identity models.
  • Strong knowledge of Conditional Access policy configurations in AD/Entra, as well as MFA (DUO and Microsoft Authenticator).
  • Demonstrated expertise in leading strategic, organization-wide identity and security initiatives; providing reports to executive stakeholders; and facilitating successful adoption.
  • Knowledge of security frameworks (NIST, ISO 27001) and regulatory compliance requirements (SOX, CMMC, PCI, etc.).
  • Proficiency in scripting and automation (PowerShell, Python).
  • Excellent problem-solving and communication skills.
  • Familiarity with principles of ZTNA, specifically Identity verification methods, technologies and architectures.