Cyber Security Consultant - Identity & Access Management

As a Security Consultant specializing in Identity & Access Management (IAM), you will help organizations secure and streamline the entire identity lifecycle. You'll design and implement solutions using leading IAM platforms to deliver seamless authentication, authorization, and identity governance. By leveraging protocols such as SAML, OAuth, and OpenID Connect, alongside automation and scripting expertise, you will ensure effective provisioning, migration, and governance of identities across cloud, enterprise, OT, and IoT environments. This is a highly technical, client‑facing role that combines deep IAM expertise with the ability to translate security requirements into business‑focused outcomes.

At IBM CIC, we provide technical and industry expertise to a wide range of public and private sector clients in the UK. A career in IBM CIC means you'll have the opportunity to work with leading professionals across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. You will get the chance to deliver effective solutions, driving meaningful business change for our clients, using some of the latest technology platforms. Curiosity and a constant quest for knowledge serve as the foundation to success here. You'll be encouraged and supported to constantly reinvent yourself, focusing on skills in demand in an ever changing market. You'll be working with diverse teams, coming up with creative solutions which impact a wide network of clients, who may be at their site or one of our CIC or IBM locations. Our culture of evolution centres on long‑term career growth and development opportunities in an environment that embraces your unique skills and experience.

• Design, implement, and manage IAM solutions using platforms such as Okta, Azure AD, Ping Identity, Saviynt, or SailPoint.
• Support the full IAM lifecycle, including user provisioning, deprovisioning, and workflow automation.
• Integrate authentication and authorization solutions such as SSO, MFA, RBAC, and IGA platforms.
• Apply protocols and standards (e.g., SAML, OAuth, OpenID Connect, LDAP) to strengthen identity and access security.
• Develop and maintain automation scripts (e.g., PowerShell, Python, Java) to streamline IAM processes and migrations.
• Advise on IAM‑related compliance and governance requirements using frameworks such as ISO, NIST, and Zero Trust architectures.
• Collaborate with client stakeholders to define IAM strategies aligned to business objectives and security standards.
• Contribute to the secure integration of cloud, enterprise IT, OT, and IoT identities.
• Recommend and implement IAM tooling enhancements to improve efficiency, scalability, and security posture.

• Hands‑on expertise with leading IAM technologies (e.g., Okta, Azure AD, Ping Identity, Saviynt, SailPoint).
• Strong understanding of IAM concepts: SSO, MFA, RBAC, LDAP, OAuth, SAML, OpenID Connect, provisioning.
• Knowledge of security protocols, frameworks, and architectures (e.g., NIST, ISO, Zero Trust).
• Proven experience in cloud IAM across AWS, Azure, and/or GCP environments.
• Proficiency in scripting/programming (PowerShell, Python, or Java) for IAM automation.
• Practical experience in IAM lifecycle management (provisioning, deprovisioning, and workflow automation).
• Strong analytical and problem‑solving skills, with ability to address complex IAM challenges.
• Excellent communication and stakeholder engagement skills, with the ability to bridge technical and business language.

• Relevant professional certifications, such as:
• AWS Certified Security – Specialty
• Microsoft Certified: Identity and Access Administrator Associate
• Okta, Ping Identity, SailPoint, CyberArk, or Saviynt certifications
• Experience with Identity Governance Administration (IGA) platforms.
• Familiarity with automation/orchestration tools (e.g., Ansible, Terraform).
• Knowledge of cloud‑native IAM security services (AWS IAM, Azure IAM, GCP IAM).

As an equal opportunities employer, we welcome applications from individuals of all backgrounds. However, for you to be eligible for this role, you must have the valid right to work in the UK, have a continuous residence in the UK for the last 3–5 years, and be able to hold or gain a UK government security clearance. We do not offer visa sponsorship and do not have future plans to do so.

• Many training opportunities from classroom to e‑learning, mentoring and coaching programmes, and the chance to gain industry‑recognised certifications.
• Regular and frequent promotion opportunities to ensure you can drive and develop your career with us.
• Feedback and checkpoints throughout the year.
• Diversity & Inclusion as an essential and authentic component of our culture through our policies and processes, as well as our Employee Champion teams and support networks.
• A culture where your ideas for growth and innovation are always welcome.
• Internal recognition programmes for peer‑to‑peer appreciation as well as from manager to employees.
• Tools and policies to support your work‑life balance from flexible working approaches, sabbatical programmes, paid paternity leave, maternity leave and an innovative maternity returners scheme.
• More traditional benefits, such as 25 days holiday (in addition to public holidays), private medical, dental & optical cover, online shopping discounts, an Employee Assistance Programme, life assurance and a group personal pension plan of an additional 5 % of your base salary paid by us monthly to save for your future.