Identity Architect
We are recruiting for an Identity Architect to join one of our Insurance clients on a 6-month contract.
Inside IR35
Hybrid
Responsibilities
- Translate organisational identity strategy into clear, actionable architectural deliverables across human, non-human, client, and application identity domains.
- Design and deliver enterprise IAM solutions supporting Zero Trust, IGA, PAM, Machine Identity, PKI, Hybrid Identity, and Tenant Hardening.
- Produce high-quality architecture artefacts including HLDs, LLDs, design patterns, standards, and technical decision records.
- Lead solution design across Entra ID modernisation, PAM (JIT, PIM, role modelling, access packages), IGA, and identity resilience/recovery models.
- Provide architectural guidance across complex, multi-tenant and cross-environment identity challenges.
- Embed governance and compliance aligned to NIST, ISO 27001, SOC2, audit requirements, and JML lifecycle standards.
- Support design approvals, risk assessments, third-party reviews, and audit remediation activities.
- Collaborate with IAM engineering, cloud, and security teams to ensure scalable, operable implementations.
- Guide BAU teams on adoption of identity technologies, patterns, and operational best practices.
- Contribute to advanced identity capabilities such as PKI, CIEM, machine identity, secrets management, and cross-tenant architectures.
Experience
- Extensive experience as an Identity Architect delivering enterprise-scale IAM solutions.
- Deep expertise in Microsoft Entra ID, Azure, hybrid identity, authentication, authorisation, and federation models.
- Strong background in Privileged Access Management (PAM), Identity Governance (IGA), and identity resilience/recovery architecture.
- Proven experience designing and implementing Zero Trust identity models.
- Strong understanding of security controls, audit processes, risk management, and compliance frameworks (NIST, ISO 27001, SOC2).
- Experience producing high-quality technical and architectural documentation.
- Broad knowledge across cloud platforms (Azure, AWS, OCI), infrastructure, and security frameworks.
- Exposure to PKI, certificate lifecycle, machine identity, secrets management, and Active Directory recovery/resilience.
- Experience working with multi-tenant environments, conditional access, and environment isolation strategies.
- Background supporting large programmes involving vendors such as Microsoft, CyberArk, SailPoint, and Rubrik.
Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.
