Identity Access Management Architect Engineer Cyber Consulting

Oliver James is partnered with a globalcyber security consulting practice undergoing significant growth – with a particular focus on Identity & Access Management (IAM). The practice are seeking to speak toIAM specialists across Delivery, Architecture & Engineering.

Candidates based in London, Manchester, Reading or Bristol are preferred – working on a hybrid basis. Packages range from £80,000 – £120,000 basic plus extras including flexible benefits packages, car allowances, bonuses and extras.

Overview

Our client is seeking experienced Identity & Access Management professionals with a strong background in architecture and engineering. The ideal candidates will be proficient in designing, implementing and testing identity and access management solutions. The ability to maintain and operate the technology is considered a strong asset.

This role will involve working closely with cross-functional teams to ensure seamless deployment and integration of identity solutions, as well as contributing to the ongoing operation and maintenance of IAM technologies across our clients. As part of this role, you will be expected to:

• Define IAM use cases, functional and non-functional solution requirements, and technical specifications, such as those for user authentication, access control, integration, performance and scalability requirements and specifications.
• Design and architect IAM solutions by creating high-level and low-level designs that align with business objectives and comply with industrycybersecurity standards (e.g.,NIST). For example, this includes:
  • Creating high-level and low-level system architecture diagrams with technical descriptions of each component.
  • Defining the dependencies to implement the solution, e.g., network rules, server resources, storage requirements.
  • Defining the system specifications to support optimal performance.
  • Integrating workflows with third-party systems and security tools, such as Security Information and Event Management (SIEM) solutions, multi-factor authentication solutions, and cloud platforms like Amazon Web Services (AWS) and Azure.
  • Defining the Responsible, Accountable, Consulted, and Informed (RACI) matrix to operate and maintain the solution’s infrastructure components.
• Develop technical documentation for IAM implementations including process documentation to enable solution operation (e.g., defining processes for user onboarding, access requests, identity governance, approval workflows, authentication workflows, and provisioning/deprovisioning tasks).
• ImplementIAM solutions:
  • Install solution components in on-premise environments where relevant, or configuration of cloud components (and scripting / coding of plug-ins / extensions for cloud solutions)
  • Work with IT infrastructure teams to ensure pre-requisites and dependencies have been met and are in place.
  • Integrate IAM solutions with existing enterprise applications/systems such as directories, cloud applications, HR systems and third-party identity providers.
• Execute unit, integration, functional and non-functional testing for IAM solutions. As part of this, troubleshoot and resolve issues (e.g., authentication failures, access policy conflicts, and user provisioning errors) by working with vendors.
• Delivery services post-implementation, from hyper-care support, resolving additional issues in production through advanced troubleshooting and debugging to ensure smooth operation.
• Conduct knowledge transfer to client IAM teams through technical training sessions on operating and maintaining the solution, empowering clients to effectively manage and support the IAM environment.

Technical Skills Desired:

• Broad enterprise identity experience across IGA, PAM, AM, AD, CIAM, with demonstrable ability to build identity strategies which integrate into client enterprise architectures and beyond.
• Experience in working with IGA, PAM, AM, AD, CIAM solutions such as SailPoint, Saviynt, etc.
• Experience working in a digital transformation environment supporting the definition of Identity architecture leveraging cloud native and/or other IAM solutions.
• Advanced, practical experience of cloud hosting services including, Amazon Web Services, Microsoft Azure, Google Cloud Platform.
• Hands-on experience of Microsoft Active Directory/Azure AD Domain Services, Federation Services, Certificate Services, DNS and DHCP.
• Understanding of decentralised identity, verifiable credentials, microservices and Trust over IP architecture stack.

In addition to the above the following are desirable:

• Understanding of malware and the modern threat landscape
• Relevant certifications (e.g. CIAM, CISSP, CAMS, etc.)
• Exposure to/Understanding of DevOps tools and repositories (e.g. Git, Azure Dev Ops, Kubernetes, Docker, Jenkins, Ansible etc.)
• Role based access control (RBAC) design
• Practical experience with Linux operating systems
• Experience with Modern Authentication concepts e.g. Self-Service Identity, Bring your own Identity, SCIM, SAML, WS-Federation, OAuth, Open ID Connect

Soft Skills:

• Experience with waterfall and agile type methodologies, often working within client specified frameworks.
• Managing teams across a mix of locations, cultures, and experience levels.
• Strong interpersonal and relationship skills to manage a variety of client stakeholders from CISO to Developer.
• Detail oriented and strong problem-solving skills.