The Opportunity
Identity is the new perimeter. As organisations navigate increasingly complex threat landscapes, the integrity of who can access what — and how that access is granted, governed, and revoked — has never mattered more.
This is a hands-on engineering role for a practitioner who has moved beyond theory and into the architecture, build, and operationalisation of enterprise IAM systems. You will own meaningful delivery: from proof-of-concept through to production, with real influence over how authentication and authorisation controls are shaped across on-premises and cloud environments.
What You'll Be Doing
- Designing and implementing enterprise-grade IAM solutions, with particular depth in SSO, MFA, and federated identity
- Evaluating existing IAM architectures and identifying gaps across identity lifecycle, access governance, authentication mechanisms, and entitlement controls
- Working across IAM standards and protocols — SAML, OAuth, OpenID Connect, SCIM, LDAP — and applying them appropriately across IaaS, PaaS, and SaaS environments
- Contributing to the development of security operating models and technical documentation that support scalability and long-term operational sustainability
- Partnering with infrastructure, cybersecurity, and business stakeholders to align IAM design decisions with organisational risk appetite
- Leading or contributing to IAM project delivery, including managing workstreams, coordinating with cross-functional teams, and keeping senior stakeholders informed of progress
- Producing detailed low-level design artefacts and guiding implementation through to handover
What You Bring
- Proven hands-on experience delivering IAM solutions in enterprise environments — identity governance, privileged access, or federation tooling (e.g. SailPoint, CyberArk, or equivalents)
- Demonstrated experience with SSO and MFA engineering and implementation, across on-premises and cloud-connected environments
- Strong grasp of authentication and authorisation across hybrid and multi-cloud environments, including AWS and Azure
- Proficiency in IAM-adjacent domains such as secrets management and certificate lifecycle management
- Scripting capability in one or more of: Python, PowerShell, JavaScript, Java, or Node.js; comfortable working with REST APIs, SQL, and JSON
- Familiarity with DevSecOps practices, CI/CD pipelines, and Infrastructure as Code
- Experience consulting with senior stakeholders on design decisions, delivery scope, and implementation progress
- Relevant certifications (CISSP, CISM, SailPoint, CyberArk or similar) are a plus, not a prerequisite
Who This Role Suits
Beyond the obvious pathways, this role is a strong fit for engineers who have built IAM expertise through systems integration, professional services, or presales — backgrounds that often produce practitioners with unusually broad platform exposure and strong stakeholder communication skills.
