IAM Architect

Role Overview We are looking for a Security & Identity Architect to join on a permanent, full-time basis across offices in Sunderland, London, Derby, or Thurmaston. The role is a strategic and technical leadership position responsible for embedding Security by Design principles across the organisation, assuring secure solution design throughout the project lifecycle, and establishing governance frameworks around identity and access management.

Key Responsibilities

  • Review, improve, and roll out a group-wide project assurance framework to evaluate initiatives against non-functional security requirements, providing oversight and guidance to ensure alignment with enterprise security standards prior to go-live
  • Define and maintain non-functional security requirements (NFRs) across the organisation, identifying and tracking security-related technical debt for new systems that fall short of required controls
  • Drive the implementation and governance of IAM frameworks including MFA, PIM, Conditional Access, RBAC, and PAM to enforce a zero-trust security model across key systems
  • Collaborate with architecture, infrastructure, and delivery teams to champion security by design, representing information security on the change advisory board and stage gate reviews
  • Support M&A processes by assessing security architecture risks for newly acquired or offboarded entities, and contribute to group-wide InfoSec KPI setting and monitoring

Top 5 Skills

  • Demonstrable experience designing and implementing security architecture solutions in complex organisations, with strong knowledge of secure software development lifecycles and security by design principles
  • Broad IT security knowledge spanning IAM, authentication, SSO, authorisation, network and endpoint protection, vulnerability management, cloud security, and cryptographic services
  • Hands-on experience with cloud platforms (Azure, AWS), DevSecOps practices, and infrastructure as code
  • Experience establishing and governing IAM frameworks including identity lifecycle management, RBAC, PAM, and zero-trust enforcement
  • Strong communication, influencing, and stakeholder management skills with the ability to articulate technical security risks to senior leaders and drive risk sign-off — desirable: CISSP, CEH, OSCP, or GCIH
Apply Now
Apply Now

Job Details

Company
Hamilton Barnes 🌳
Location
Sunderland, England, United Kingdom
Posted