Active Directory / Entra Services Analyst

Function: Technology

Location: Hybrid, London

Work Arrangement: Hybrid

Position Title: Active Directory / Entra Services Analyst

Reports to: Head of Identity & Access Management

Scope: Wella Group

Together, WE enable individuals to look, feel, and be their true selves.

At Wella IT, we partner with every part of the company, enabling effective and efficient business operations in an international, multi-divisional environment.

Our main objective is to enable our business value through IT, following key operating principles:

• Value for money – we strive for solutions and decisions that ensure our IT spend delivers value for money, i.e. we look to re-use, buy then build.
• Speed and Agility – we embrace change and deliver agile solutions to reduce cost of change and respond quickly to business needs, e.g. maximize use of API without need to redesign.
• Compliance – Our solutions will ensure ongoing regulatory and legal compliance to minimize business exposure to risk, i.e. security, data access, GDPR.
• IT Operations – we ensure business operations are within agreed risks and costs parameters, i.e. Platform availability, solutions operation, disaster recovery.

We are currently recruiting an experienced AD / Entra analyst that will provide thought leadership and design assurance for our Directory Services. The analyst will ensure a seamless end user experience in the directory services space working with our application leads, strategic IT vendors and end user compute teams.

The successful applicant will be familiar with working within a diverse environment, with excellent interpersonal skills and is confident when dealing with Technical and Business Stakeholders (especially managing expectations and communicating clearly) and managing globally located teams.

The role will drive best practice analysis, architecture / design for project delivery activities, as well as support for BAU improvements, service assurance and compliance, and delivery of directory services projects and enhancements to meet requirements.

• Apply your technical and operational knowledge / experience to produce business, technical and security requirements specifications and support the production of solution designs that stakeholders can understand and use.
• Review solution designs and proposed changes to AD / Entra design (accounts, policies, groups etc) to ensure requirements are being met.
• Engage with other Cyber and IT teams to review scope and details of projects and identify their impacts / dependencies on AD / Entra systems, processes or operations.
• Develop and implement AD / Entra management artefacts for support of and changes to identity management guidelines, processes, procedures and systems.
• Create appropriate artefacts such as Non-functional and Functional Requirements, Solution Options, design documents - or delegate such document creation tasks to the vendor and manage the quality of their delivery.
• Work with development teams or integration partners to ensure that potential issues are resolved or escalated early.
• Create guides to help other teams understand directory best practice and principles.
• Support and champion the adoption of security principles and standards.

• Capture project requirements and ensure all IT PMO steps were followed with all project artefacts produced and maintained.
• Support the appointed IT PM in preparing and using project artefacts (plan, RAID etc)
• Communicate updates to stakeholders and manage stakeholder expectations.
• Ensure that the Project remains aligned to agreed requirements through design, testing and deployment.
• Identify any risks either in the project / product and agree mitigating actions where appropriate.

• Support project communications through IT business partners and end user compute teams.
• Build and apply repeatable tools for organisation-wide adoption, ensuring all directory documentation is created and maintained.
• Monitor directory administration against applicable controls, including SOX controls..
• Monitor the proper use and control of AD / Entra.
• Drive opportunities for service improvements on an ongoing basis.

• Operate policies and standards, providing subject matter expertise on all AD / Entra-related controls.
• Work with access and risk owners to ensure directory risks are identified and managed.
• Track control ownership for all directory administration controls.
• Work with application and access owners for all critical applications ensuring compliance to defined processes and policies.
• Support quarterly access recertifications for AD / EntraID, working with line managers and access owners to ensure access is revoked where required.
• Ensure joiners / movers / leavers and approval processes provide adequate controls for directory users
• Act as point of contact for internal and external audit, working to mitigate directory-related audit findings.

• Strong knowledge of Active Directory and Entra / Entra ID technical architecture, components, and security
• Experience with AD / Entra business analysis.
• Experience with AD / EntraID / Exchange technical integrations to provide enterprise identity management capabilities
• Business analysis skills covering requirements gathering, process mapping and business solution design.
• Excellent analytical, problem-solving, and communication skills
• Successful track record of building relationships at all levels.
• Excellent communication and interpersonal skills.
• Ability to follow formal project management processes.
• Ability to follow quality assurance processes.
• Ability to advocate for change and align main stakeholders and impacted parties.
• Ability to understand and synthesise business needs from multiple business and technical areas.
• Microsoft Certified Solutions Expert (MCSE) or equivalent certification preferred

• Higher education (University degree) with an orientation in business / technology related fields

• 7+ years professional experience in security and directory-related services.
• Experience with AD / Entra, ideally also Sailpoint IGA & Cyberark.
• Appreciation of SAP role design best practice and constraints.
• Previous exposure to delivery & operations across IAM & PAM.
• Knowledge of Identity & access management industry best practices and standards.
• Experience of implementing robust access control policies and procedures.
• Strong understanding of identity governance principles, security frameworks, and compliance regulations.
• Experience supporting audit activities.

• Strong team skills and MUST have a proactive / can do attitude.
• Strong communication and problem-solving skills, ability to get buy in at all levels.
• Ability to challenge, understand the perspectives of others and demonstrate active listening.
• Can work independently and as part of a team in a fast-paced, dynamic environment.
• Track record of driving change whilst ensuring alignment at every stage.
• Excellent communication, presentation, and interpersonal skills, effectively collaborating with diverse stakeholders.
• Ability to collect data and report blocking points.
• Issue resolution and value realisation oriented.