Senior IAM Engineer (Identity and Access Management)

Essential Criteria

• Proven experience applying Identity & Access Management (IAM) principles including Authentication, Authorisation, Access control models (RBAC / ABAC / PBAC), identity lifecycle management (Joiners / Movers / Leavers) and Zero Trust.
• Hands-on experience designing or leading AI driven initiatives within IAM or Cybersecurity.
• Strong ability to analyse identity telemetry (audit logs, sign in logs, access data) and translate insights into actionable improvements
• Extensive hands-on experience with Microsoft Entra ID (Azure AD), including:
• Users, Groups (static & dynamic), roles, service principals, app registrations
• Directories, Tenants, Objects, and Attribute Structures
• Conditional Access policies, SSPR, Access Packages, MFA and Passwordless authentication (e.g. Windows Hello for Business, FIDO2)
• Identity governance activities including Access reviews, Entitlement Management and access control models.
• MS and 3rd party Agentic AI agents governance and lifecycle management.
• Solid engineering experience in Active Directory:
• User and group management, OU design, Group Policy Objects (GPOs), LDAP
• Hybrid identity integration (Azure AD Connect / Cloud Sync)
• Tiering Model and Domain Controller full recovery
• Experience working with Identity Governance tooling such as Saviynt / SailPoint or any other similar product.
• Ability to define AI use cases and requirements aligned to Agent identity governance, Agent lifecycle management, designing controls for effective risk reduction
• Strong understanding of identity threat landscape and how AI can be applied to detect and mitigate risks
• Experience in gathering high level technical requirements, discuss with stakeholders to break it down to detailed requirements along with timeline and communicate to the engineers
• Experience mentoring or coaching engineers, provide technical advice to the team and contributing to team standards and best practices
• Work with Engineering and Product Manager to deliver technical milestones in line with product and business strategy.
• Work collaboratively with IT, product teams, Security Operations Centre, Security Analysts, Security Architects and end users to support IAM solutions and to ensure secure delivery, safeguarding both colleague and customer data.
• Exhibit excellent communication and presentation skills, able to convey complex issues and findings clearly and effectively.
• Demonstrates a strong technical mindset with the ability to analyse complex IAM and AI challenges, make sound architectural and engineering decisions, and proactively remove technical or organisational blockers to enable effective and timely delivery.
• Maintains a commitment to continuous learning while building strong, trusted relationships with technical teams, security partners, and business stakeholders to drive collaboration, capability uplift, and shared ownership of outcomes.

Additional Criteria

• Experience using AI and machine learning concepts to analyse identity related data (e.g. sign in logs, access patterns, usage trends)
• Knowledge of AI assisted automation use cases within IAM:
• Access or sign in anomaly detection
• Risk based access decisions
• Intelligent access reviews or entitlement recommendations
• Experience with Microsoft security and analytics tools (e.g. Entra ID logs, Azure Monitor, Log Analytics, Sentinel).
• Understanding of ethical AI and responsible use of AI, especially in security sensitive and personal data contexts.
• Exposure to Privileged Access Management (PAM) solutions and rolebased privileged access
• Familiarity with data governance, data quality, and information security principles, particularly where AI models consume identity data.
• Strong focus on security, governance, and continuous improvement
• Relevant professional certifications (or actively working towards), such as:
• Microsoft Identity or Security certifications
• AI / data analytics certifications
• CISSP, CISM, or equivalent