IAM Engineer

Identity & Access Management (IAM) Engineer

About the Role

We are looking for an experienced Identity & Access Management (IAM) Engineer to join a growing IT Security function within a fast-moving digital assets and financial technology environment. This role is focused on designing, implementing and optimising IAM and Privileged Access Management (PAM) solutions across both on-premise and cloud platforms.

You will play a key role in strengthening security posture, ensuring regulatory compliance and improving the overall user access experience across the organisation.

Key Responsibilities

• Design, develop, implement and maintain IAM and PAM solutions for on-premise and cloud workloads.

• Support user onboarding and offboarding processes to IAM/PAM platforms, streamlining workflows and reducing access turnaround times.

• Identify and recommend architectural improvements to mitigate evolving cybersecurity threats relating to identities, authentication, authorisation and entitlements.

• Ensure IAM/PAM solutions align with relevant regulatory and compliance requirements (e.g. MAS, FSRA) and maintain supporting policies, procedures and standards.

• Support audit, governance and regulatory activities relating to IAM and PAM.

• Perform administration tasks including provisioning/deprovisioning, SSO and MFA implementation, and user lifecycle management across applications.

• Conduct periodic access reviews and attestations.

• Adhere to established change management processes.

• Create and maintain detailed documentation, SOPs and configuration records.

• Collaborate with internal IT teams and external vendors to implement and manage IAM/PAM initiatives.

• Contribute to and support broader IT and security projects across the organisation.

Requirements

Core Experience

• Strong understanding of IAM principles and Zero Trust frameworks.

• Familiarity with compliance and security standards such as ISO 27001, NIST 800-53, SOX, GDPR, PDPA.

• 4+ years' hands-on experience designing and implementing IAM and PAM solutions using tools such as SailPoint, Okta, CyberArk or equivalent platforms.

Technical Expertise

Directory Services Administration

• Active Directory (AD) and Azure Active Directory (Entra ID)

• User and group management, OUs, GPOs

• Password and account lockout policies

• LDAP, Kerberos authentication

• Domain trusts, replication and federation (ADFS, SAML)

Authentication & Authorisation Technologies

• Password-based and certificate-based authentication

• MFA, SSO, SAML, OAuth 2.0, OIDC

• Okta, PingFederate, Entra ID

Privileged Access & Lifecycle Management

• PIM/PAM systems

• JIT and JEA principles

• Provisioning and JML workflows

• Tools such as CyberArk and BeyondTrust

Scripting & Automation

• CLI, PowerShell, Bash or similar

Additional Skills

• Vendor management and stakeholder engagement.

• Strong analytical and problem-solving capability.

• Clear communication skills, able to translate technical concepts to non-technical audiences.

• Adaptable mindset with commitment to staying current with IAM/PAM technologies and best practices.

Desirable

• Relevant industry certifications (e.g., Certified Identity and Access Manager or equivalent).

To speak in absolute confidence about this opportunity please send an up-to-date CV via the link provided or contact Senior Recruitment Consultant Stuart Kennedy at MCS Group on 02896935520 or s.kennedy@mcsgroup.jobs.

Even if this position is not right for you, we may have others that are. Please visit MCS Group to view a wide selection of our current jobs.