IAM Analyst

We have an incredible opportunity for an Identity & Access Management Analyst! You’ll be joining a dynamic, hands-on team, where you will perform the provisioning, recertification, and Privileged Access Management (PAM) processes as part of the Identity Lifecycle Management activities across the Legal & General Group and business divisions. This includes supporting and managing multiple IAM tools to monitor and control privileges held by Human & non-Human accounts across all L&G infrastructures such as AD, Mainframe, SQL, ORACLE, DB2, and cloud-based services.

1. Liaising with Group Technology and business divisions to perform Joiner, Mover, Leaver (JML) access management processes in accordance with Legal & General’s policies and standards to ensure appropriate user access during employment or contract changes.
2. Defining, implementing, and maintaining Group RBAC, ensuring least privileged access.
3. Managing IAM IT General controls through regular reviews of access requests, suitability of use, and segregation of user and privileged access.
4. Conducting recertification reviews for user access to ensure physical and electronic access requirements are current for all users.
5. Working with application owners and business divisions to map business roles to IT entitlements, ensuring appropriate access rights based on roles.
6. Managing user account authentication and password management processes to ensure only account owners can access their accounts.
7. Monitoring privileged accounts continuously and managing provisioning and de-provisioning based on the principle of least privilege to minimize data breaches.
8. Overseeing vendors responsible for IAM tools and services, escalating process deficiencies and remediation actions as needed to ensure SLAs are met.

1. Strong technical expertise in identity lifecycle management, access management, SSO, federation, privileged access management, MFA, directory architecture, and access certification.
2. Deep knowledge of directories, SSO, Federation, API gateways, etc.
3. Understanding of IAM protocols such as SAML, SPML, SCIM, OpenID, OAuth, and XACML.
4. Ability to understand various operating systems like AS400, AD, SQL, Oracle, and DB2.
5. Experience managing user, service, and privileged accounts, with a focus on least privilege methodologies.
6. Experience with User Provisioning, RBAC, SSO, and Active Directory is preferred.
7. Experience with deploying and managing IAM and PAM tools such as SailPoint IdentityIQ, CyberArk, CA PAM, Imprivata, Azure MFA, etc.

• Participation in annual performance-related bonuses and share schemes.
• Generous pension contributions.
• Life assurance and private medical insurance (for permanent employees).
• At least 25 days holiday plus public holidays, with options to buy or sell holiday.
• Family leave, electric car scheme, discounts, and modern office spaces designed for collaboration and wellbeing.

Legal & General is a leading financial services organization recognized for its leadership and heritage. We are committed to an inclusive culture, flexible working, and supporting your career development. If you’re interested in this role, we’d love to hear from you!