IAM Specialist
Job Title: IAM Specialist
Location: Culham, UK
Job Type: Full-time contract, Until 18/12/2026
Work Model: Hybrid (2-3 days/week on site)
Minimum Requirement:
The IAM Specialist will be responsible for the hands-on implementation and configuration of Client's Identity Governance and Administration (IGA) platform. Working within the cyber security team, you will integrate the IGA solution with Microsoft Entra ID, connect authoritative sources (HR systems, contractor databases), and build joiner-mover-leaver (JML) processes with automated approval workflows. This is a technically focused implementation role requiring deep expertise in IGA platforms and identity life cycle management. You will work closely with HR, IT operations, and application owners to ensure identity data flows correctly and access provisioning meets business requirements.
Key Accountabilities:
Implement and configure the IGA platform (SailPoint, Saviynt, Omada, or similar) to meet Client requirements
Integrate the IGA solution with Microsoft Entra ID as the primary Identity Provider
Connect authoritative sources (HR systems, contractor databases) to drive identity life cycle
Design and implement joiner-mover-leaver (JML) processes with automated provisioning and deprovisioning
Build and configure approval workflows for access requests, role assignments, and exceptions
Implement access certification campaigns and recertification processes
Develop role mining and role-based access control (RBAC) models in collaboration with business owners
Configure application connectors for target systems (AD, Entra ID, SaaS applications, on-prem systems)
Implement segregation of duties (SoD) policies and access risk analytics
Configure SSO and federation services using SAML, OAuth 2.0, OpenID Connect, and SCIM
Support identity data quality management and remediation activities
Troubleshoot provisioning failures, synchronisation issues, and connector errors
Collaborate with application owners during onboarding to define access models and entitlements
Maintain documentation of IGA configurations, workflows, and integration specifications
Essential:
Hands-on experience implementing IGA platforms (SailPoint, Saviynt, Omada, One Identity, or similar)
Proven experience integrating IGA with Microsoft Entra ID/Azure AD
Experience connecting authoritative sources (HR systems, databases) to IGA platforms
Strong understanding of identity life cycle management and JML process automation
Experience building approval workflows and access request processes
Knowledge of access certification, recertification, and attestation campaigns
Understanding of RBAC modelling, role mining, and entitlement management
Experience with application connector development and configuration
Strong understanding of authentication protocols (SAML, OAuth 2.0, OpenID Connect, SCIM)
Knowledge of directory services (Active Directory, LDAP) and hybrid identity
Working knowledge of security frameworks: ISO 27001, NIST CSF
Strong troubleshooting skills for provisioning and synchronisation issues
Good documentation skills for technical configurations and runbooks
Desirable:
Degree in Information Security, Computer Science, or related STEM field
Vendor certifications in IGA platforms (SailPoint, Saviynt, Omada)
Microsoft certification: SC-300 (Identity and Access Administrator)
Experience with segregation of duties (SoD) policies and access risk analytics
Scripting skills (PowerShell, Python) for automation and connector development
Experience with API integration and web services
Familiarity with ITSM workflows and change control procedures
Experience in public sector or critical national infrastructure environments