Identity & Privileged Access Engineering Lead

Senior Identity & Privileged Access Engineering Lead

Location: London (Onsite)

TC: Competitive + Performance Bonus (Hedge Fund Level Compensation)

Some IAM roles focus on administration. This one is about removing privilege at the source and rebuilding identity security as infrastructure.

A highly sophisticated trading environment is seeking a Senior Identity & Privileged Access Engineering Lead to design, build, and operate a modern identity security function across enterprise, cloud, and workload environments.

This is not a traditional IAM role — it requires a hands-on engineer who understands identity as the foundation of security, not just a control layer.

You will take ownership of privileged access architecture, authentication systems, and identity governance across a complex, high-performance environment where access control is mission-critical.

The Role

  • Design and operate enterprise identity security across Microsoft Entra ID
  • Lead the implementation of Conditional Access, MFA, and phishing-resistant authentication
  • Own and evolve Privileged Access Management (PIM, JIT, admin tiering, break-glass controls)
  • Eliminate standing privilege across cloud and enterprise systems
  • Build and automate identity lifecycle processes (joiner/mover/leaver)
  • Design and enforce secure access patterns across users, services, and infrastructure
  • Partner with cloud and platform teams to integrate identity controls into Azure and Kubernetes environments
  • Tune identity-based security detections with SOC and security engineering teams
  • Drive continuous improvement in identity governance, access reviews, and compliance alignment

Non-Negotiables (DO NOT APPLY IF YOU DON’T HAVE...)

  • Strong hands-on experience with Microsoft Entra ID (Azure AD)
  • Deep understanding of Privileged Access Management (PIM, JIT, admin tiering, break-glass design)
  • Proven experience designing and enforcing Conditional Access and MFA policies at scale
  • Practical experience with identity lifecycle automation and governance (JML, RBAC, access reviews)
  • Strong scripting / automation capability (PowerShell, Microsoft Graph, or similar)
  • Experience operating in enterprise-scale or highly regulated environments (financial services preferred)

Why This Role

This is a rare opportunity to own and rebuild identity and privileged access security within a high-performance, security-critical environment.

You won’t be maintaining IAM systems - you’ll be engineering the controls that define how access works across the entire organisation.

For the right person, this is a chance to shape privileged access architecture at scale in one of the most demanding security environments in the industry.

Job Details

Company: Iceberg

Location: City of London, London, United Kingdom
Posted