Own identity security architecture, standards, and policies across Active Directory, Microsoft Entra, PAM, and IAM/IGA platforms.
Lead the design and governance of identity lifecycle management (joiners/movers/leavers, RBAC, certifications, segregation of duties) with automation at the core.
Establish and mature a Zero Trust-aligned identity reference architecture, embedding preventive, detective, and responsive controls.
Drive security posture management and hardening of AD and Entra, treating identity as critical enterprise infrastructure.
Engineer and govern IAM workflows (e.g. SailPoint) covering provisioning, deprovisioning, access reviews, and role models.
What’s Needed
12+ years’ industry experience, including 8+ years in hands-on identity security or IAM engineering roles.
Deep enterprise experience securing and governing Active Directory and Microsoft Entra (Azure AD).
Proven track record designing and implementing identity lifecycle and privileged access management controls.
Strong knowledge of IAM principles including least privilege, RBAC, access reviews, segregation of duties, and lifecycle governance.
Experience implementing Zero Trust identity patterns and secure-by-design authentication/authorisation models.
Engineering capability across leading identity platforms such as SailPoint, CyberArk, BeyondTrust, Microsoft Defender for Identity, CrowdStrike Identity, or Silverfort, with automation skills (PowerShell or similar).
