Lead Identity Architect
Role Overview
We are looking for an experienced Lead Identity Architect to provide technical leadership across a live, business-critical identity service operating in a secure government environment.
This is a senior architecture role requiring both strategic leadership and practical technical depth. The successful candidate will own the end-to-end architecture view across application development, data, service operations, L2/L3 support and supplier dependencies.
The role requires someone who can set direction with senior stakeholders, provide clear design authority, and work closely with engineering, data and service teams on detailed technical issues. This includes identity schemas, attributes, data flows, APIs, microservices, integration patterns, workflow behaviour, platform configuration and live-service supportability.
The successful candidate will help ensure the platform remains stable, supportable and capable of evolving over time, while reducing avoidable complexity across processes, integrations and technical components.
Contract / Location
- Employment type: Permanent
- Clearance: Active SC clearance required
- Working pattern: Hybrid
- Onsite: 1-2 days per week in Chippenham, Wiltshire
Key Responsibilities
Architecture Leadership
- Own the end-to-end architecture across development, data and service support workstreams.
- Provide technical direction across identity workflows, lifecycle processes, integrations, data flows, platform behaviour and operational supportability.
- Act as the senior architecture point of contact for delivery teams, service teams, suppliers and customer stakeholders.
- Maintain architectural coherence across live-service change, backlog delivery, technical debt reduction and roadmap activity.
- Ensure design decisions are pragmatic, supportable and aligned to business value.
Identity Platform Architecture
- Lead architecture across enterprise identity and access management capabilities.
- Provide oversight of identity lifecycle processes including onboarding, profile changes, role and access changes, recertification, leaver handling, audit and reporting.
- Understand complex identity integrations across directories, authoritative sources, workflow systems, cloud-hosted services and downstream platforms.
- Support simplification of identity journeys, data feeds, interfaces and platform components.
- Identify opportunities to reduce avoidable customisation and use existing platform capability where appropriate.
Technical Depth and Design Ownership
- Understand and challenge detailed identity designs, including schemas, attributes, data models, workflow rules, provisioning logic and integration behaviour.
- Review APIs, data feeds, directory integrations, microservices, ETL / transformation logic and platform configuration.
- Work with developers, data specialists, DevOps engineers and service teams to diagnose complex issues and make practical design decisions.
- Provide architecture support during defect analysis, root-cause investigation, service support and backlog refinement.
- Move comfortably between architecture diagrams, backlog items, logs, schemas, interface specifications and implementation detail.
- Identify where existing components should be retained, simplified, consolidated, retired or replaced with simpler patterns.
- Ensure architectural decisions are technically sound, supportable in live service, and understood by the teams who need to build and run them.
Platform Improvement and Roadmap
- Review existing platform complexity, including interfaces, microservices, custom components and integration patterns.
- Shape practical options for reducing complexity and improving supportability.
- Support API-based integration patterns where they reduce complexity and improve resilience.
- Work with cloud/platform specialists to identify monitoring, resilience, containerisation and operational improvement opportunities.
- Provide architectural input into future identity patterns, including Microsoft Entra-aligned options where appropriate.
- Reduce complexity without driving unnecessary re-engineering or business disruption.
Service Supportability
- Work closely with Service Operations, L2/L3 support, Data, Dev and DevOps teams to improve ownership and reduce dependency on specialist intervention.
- Support the development of runbooks, operational models, support routes and knowledge-transfer material.
- Ensure the architecture is supportable by BAU, not just deliverable by project teams.
- Help distinguish between application, data, infrastructure, supplier and service-operation ownership.
- Support incident and problem analysis where architectural input is required.
Essential Experience
- Strong enterprise identity and access management experience.
- Proven experience as a lead or senior architect on complex live platforms.
- Experience working in secure government, public sector or similarly regulated environments.
- Strong understanding of identity lifecycle, access management, workflow, audit, governance and integration patterns.
- Demonstrable ability to work at a detailed technical level across identity schemas, data flows, APIs, microservices, platform configuration and live-service support issues.
- Experience working across application development, data, infrastructure, service operations and supplier teams.
- Ability to simplify complex technical landscapes and make pragmatic architecture decisions.
- Strong stakeholder management and communication skills.
- Active SC clearance.
Desirable Experience
- Experience with enterprise IAM platforms such as OpenText / NetIQ, SailPoint, Microsoft Entra, ForgeRock, CyberArk, Okta or similar.
- Microsoft Entra / Azure AD / M365 identity integration experience.
- AWS-hosted application or platform experience.
- API gateway, LDAP, directory services, data feeds and enterprise integration experience.
- Experience with microservices, ETL patterns, workflow engines or complex integration platforms.
- Experience of service transition, BAU readiness and operational handover.
- Experience modernising or simplifying legacy-to-cloud services.
- Familiarity with secure-by-design principles, auditability and regulated-service operation.
What We Are Looking For
- An established senior architect with real identity-platform depth.
- A technical leader who can own architecture across Dev, Data and Service Operations.
- Someone credible with engineers, architects, service teams and senior stakeholders.
- Someone who can go into schemas, interfaces, microservices and platform behaviour when needed.
- A pragmatic architect who reduces complexity rather than creating more of it.
- Someone who can produce clear architecture views and communicate well, but whose value is not limited to documentation or presentations.
- Strong judgement in a live-service environment where stability, supportability and controlled change matter.
In Simple Terms
We need a senior identity architect who can own the architecture of a complex live service, understand the detail, guide the teams, reduce complexity, and make the platform easier to support and evolve.