Job Title: Infrastructure & Identity Access Management (IAM) Architect
Location: London (Hybrid)
Contract Type: Permanent
Overview
We are seeking a senior Infrastructure & IAM Architect to lead the design, evolution, and governance of identity, access management, and supporting infrastructure within a global professional services environment.
This is a strategic architecture role with deep hands-on influence, focused on enterprise-scale IAM, privileged access, authentication, and zero trust principles across hybrid and cloud platforms. You'll work closely with Security, Platform Engineering, and Infrastructure teams to strengthen identity security, reduce risk, and improve user experience at global scale.
The role suits an experienced IAM architect who enjoys setting standards, driving modern identity practices, and influencing senior stakeholders across a complex organisation.
Key Responsibilities
Identity & Access Architecture
Define and maintain enterprise IAM architecture, covering identity life cycle, access governance, and privileged access management.
Design secure authentication and authorisation patterns using OpenID Connect, SAML, OAuth, Kerberos, and LDAP.
Lead implementation of Conditional Access, risk-based authentication, and device/state-based access controls.
Embed zero trust and least-privilege principles across all enterprise applications and privileged roles.
Privileged Access & Security Integration
Architect and enhance Privileged Access Management (PAM) capabilities, including approval workflows and continuous monitoring.
Champion identity threat detection and response (ITDR) approaches to mitigate identity-based attacks.
Integrate IAM with HR, IT, and engineering systems to support automated joiner/mover/leaver processes.
Assess IAM-related vulnerabilities and design remediation strategies.
Infrastructure & Governance
Own global firewall architecture and design, aligning identity, network, and access strategies.
Support Azure Policies, guardrails, and audit readiness aligned to security and compliance standards.
Guide the hardening and operation of Active Directory (on-prem and Entra ID/Azure AD).
Produce reference architectures, design standards, runbooks, and technical documentation.
Strategy, Collaboration & Innovation
Track emerging IAM technologies (e.g. passwordless, adaptive access, decentralised identity).
Work with vendors on roadmaps, governance, and security notifications.
Communicate architectural decisions clearly to senior IT and business leaders.
Promote consistent identity and infrastructure standards across regions.
Skills & Experience
Experience
7-10 years' experience in IAM, identity engineering, or architecture within large or enterprise environments.
Strong experience leading complex IAM design initiatives at scale.
Background in global or multi-jurisdictional organisations strongly preferred.
Technical Expertise
Deep expertise in Microsoft identity platforms (Entra ID/Azure AD, on-prem AD).
Strong hands-on experience with RBAC, entitlement management, and automated provisioning.
Proficiency with PowerShell and REST APIs for identity automation.
Understanding of network security concepts and their interaction with IAM (firewalls, segmentation, remote access).
Experience with Azure Policy, landing zones, and security guardrails.
Certifications (Required/Preferred)
Microsoft Certified: Identity and Access Administrator Associate (required).
CISSP (preferred).
Azure Cybersecurity Architect/Expert (preferred).
CIAM or equivalent identity certifications (highly desirable).
Personal Attributes
Strong communicator able to explain complex identity concepts clearly.
Confident, consultative, and comfortable challenging the status quo.
Highly collaborative across security, engineering, and business teams.
Structured, detail-oriented, and resilient under pressure.
High discretion when handling sensitive information.
Why Apply?
This is a high-impact architecture role offering ownership of identity and access strategy at enterprise scale. You'll shape modern IAM practices, influence security posture globally, and work with cutting-edge Microsoft identity technologies in a complex professional services environment.