Identity and Access Management (IAM) SME

Identity and Access Management (IAM) SME - Principal - London

About your role

We are seeking an experienced Identity and Access Management (IAM) SME to join our dynamic consultancy team. The successful candidate will have over 5 years of experience in IAM, with a strong technical background and a deep understanding of identity management solutions and best practices. This individual will be responsible for designing, implementing, and managing IAM solutions across various industries, ensuring secure and efficient access to systems and data.

The IAM SME will also be expected to provide expert advice on IAM strategies, mentor junior team members, and ensure that IAM solutions align with business goals and regulatory requirements.

As an IAM SME, you will be at the forefront of securing the identities and access of our clients, shaping the future of IAM, and working alongside some of the brightest minds in the industry. This is a highly technical role, ideal for a passionate IAM professional looking to have a tangible impact on real-world security challenges.

Key Responsibilities:

1. Collaborate with senior stakeholders and technical teams to identify and address IAM requirements across multiple sectors.
2. Design and implement robust IAM solutions, ensuring systems are secure, scalable, and compliant with regulatory frameworks.
3. Develop and maintain the strategic vision and technical roadmap for IAM, ensuring alignment with evolving technologies, business needs, and industry best practices.
4. Serve as the technical authority on all IAM decisions, providing guidance and escalation support for lower-level IAM specialists.
5. Implement and manage identity governance and administration (IGA) solutions, including user provisioning, role-based access control (RBAC), and access certification.
6. Proactively assess and mitigate risks related to identity and access management by applying risk-based methodologies and providing expert advice on the trade-offs between security, cost, and performance.
7. Ensure the integration of IAM considerations into the broader enterprise architecture, influencing organizational policies, technology selection, and development methodologies.
8. Drive the adoption of Secure by Design principles, ensuring that IAM is an integral part of the system development lifecycle from inception through deployment.
9. Perform access reviews, identity lifecycle management, and security testing across IAM solutions, guiding teams on best practices for secure design and development.
10. Engage with industry bodies and regulatory frameworks to ensure alignment with security standards such as ISO/IEC 27001, NIST, and GDPR.
11. Conduct technical reviews of third-party IAM solutions and vendor offerings, ensuring that external products meet internal security standards.
12. Act as a subject matter expert (SME) in IAM technologies, advising on advanced areas such as multi-factor authentication (MFA), single sign-on (SSO), and privileged access management (PAM).
13. Monitor and analyse emerging IAM threats, vulnerabilities, and risks, ensuring that IAM solutions evolve to counter new attack vectors and threats.

Requirements

1. Have a broad business skill set including stakeholder management, problem-solving, and resilience.
2. Have experience in gathering, validating, synthesizing, documenting, and communicating data and information for a range of audiences.
3. Have excellent interpersonal skills and strong written and verbal communication skills in country's official language(s) (C2 proficiency) and English (C2 proficiency), project-related mobility/willingness to travel.

Essential Skills and Experience:

1. Deep expertise in IAM, with hands-on experience in designing and implementing IAM solutions, including cloud environments (AWS, Azure, or GCP).
2. Proficient in securing identities, managing access controls, and protecting data, with a solid understanding of modern cryptography, PKI, and IAM best practices.
3. Comprehensive knowledge of emerging IAM technologies and trends, including Zero Trust architectures, DevSecOps, and microservices.
4. Extensive experience in identity governance, access management, and advanced threat mitigation techniques.
5. Expert-level understanding of IAM frameworks and regulations (e.g., ISO/IEC 27001/27002, NIST, NIS2, GDPR, PCI-DSS).
6. Proven experience managing IAM projects, balancing security objectives with business and operational needs.
7. Strong leadership skills, with experience leading and mentoring technical teams across diverse IAM disciplines.
8. Experience with IAM automation and orchestration tools, including the integration of IAM tools in CI/CD pipelines (DevSecOps).
9. Excellent understanding of cloud IAM architecture, particularly for securing hybrid and multi-cloud environments, and cloud-native applications.
10. Strong knowledge of IAM incident management and response strategies, with experience supporting SOC teams in investigating IAM-related security breaches and coordinating responses.

Qualifications:

1. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.
2. Additional certifications in IAM or cloud security (e.g., AWS Certified Security Specialty, Azure Security Engineer, Certified Identity and Access Manager (CIAM)).
3. Experience in pre-sales and bid writing for IAM engagements.
4. Experience leading IAM programs in complex environments, working with a variety of sectors such as Financial Services, Energy & Utilities, Consumer, Retail, and Logistics.
5. Expertise in IAM standards, policies, and regulatory requirements.

Personal Attributes:

1. A proactive problem-solver with a passion for IAM and a commitment to excellence.
2. Strong ability to communicate complex IAM concepts to both technical and non-technical stakeholders.
3. A mentor and leader who can inspire, motivate, and guide a team of IAM specialists.
4. Able to handle pressure in high-stakes situations, maintaining a focus on delivering secure and effective IAM solutions.
5. Customer-focused, with a proven ability to build relationships and trust across a wide range of stakeholders.
6. Flexible and adaptable, with the ability to thrive in fast-paced, dynamic environments.

Benefits

Given that this is just a short snapshot of the role we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please apply now.