IAM Architect

Established in 1981 with a single store in the Northwest of England, the JD Group is a leading omni-channel retailer of Sports Fashion, Outdoors and Gyms with our colleagues working in stores across several retail fascias in many markets around the world.

JD Sports Fashion Plc was listed on the London Stock Exchange in 1996 and has been a FTSE100 publicly quoted company since 2019 and continues to grow in the UK and internationally.

We want to be the leading global omnichannel retailer in the sports and outdoor industry. To be a part of this successful company and help us to achieve this you will have the desire to ingrain our strategic goals of being a people-led, innovative and customer-focused organisation which provides operational excellence whilst identifying new areas of growth as part of our day to day objectives.

Job Title: IAM Architect

Location: Bury

Job Type: Full-Time

Job Description:

We are seeking an experienced and strategic IAM Architect to lead best-in-class design, development and governance of Identity & Access Management solutions in a large-scale, fast-paced retail environment.

You will be joining the Identity & Access Management (IAM) team reporting to the Head of IAM, all of which is part of our growing Information Security function.

This role will focus heavily on the integration and optimisation of SailPoint, CyberArk and enterprise directory services to support both workforce and third-party needs across a dynamic business landscape.

You'll work with business, security and infrastructure teams to ensure that IAM architecture (including standards and patterns) is secure, scalable and enables agility across all platforms.

Key Responsibilities:

• Own the IAM architecture roadmap with a strong focus on SailPoint Identity Security Cloud, CyberArk Privileged Cloud, authoritative data sources, and core directory services (Active Directory, Entra ID)
• Design and govern identity lifecycle and access governance solutions for employees, contractors, vendors and service accounts
• Architect and oversee implementations between IAM platforms and enterprise systems including POS, ERP, e-commerce platforms and cloud workloads
• Define and implement robust RBAC/ABAC models, automated provisioning/deprovisioning and identity workflows within SailPoint
• Design and support the deployment of CyberArk to secure privileged accounts across critical infrastructure and cloud environments
• Provide guidance and architectural support for directory service modernisation ensuring security and role modelling across hybrid IT estates
• Lead the secure integration of Authentication & Authorisation mechanisms (e.g. SAML, OIDC, OAuth2) for internal and customer facing applications
• Work closely with IAM Engineering colleagues, DevOps, and secure teams to integrate IAM into CI/CD pipelines and Infrastructure-as-Code (IaC) practices
• Support audit and compliance initiatives including PCI-DSS, GDP and internal policy enforcement
• Evaluate new IAM technologies, tools and capabilities to maintain a forward-looking, strategic identity architecture

Skills & Experience:

• Proven experience within IAM and within a role as lead architect or design role
• Proven experience delivering IAM solutions in distributed or consumer environments
• Expert-level knowledge and hands-on experience with modern converged IGA platforms (SailPoint, Saviynt or equivalent) including identity lifecycle management, access certifications, policy creation and custom connector development
• Strong expertise in CyberArk PAM including vaulting, session monitoring, credential rotation, and application onboarding
• Deep understanding of Active Directory, Entra ID schema design, federation services and group management strategies.
• Familiarity with IAM protocols and standards: SAML, OIDC, OAuth2, SCIM, Kerberos, etc
• Experience integrating IAM with cloud platforms (Azure, AWS, GCP), SaaS applications and enterprise infrastructure
• Excellent stakeholder management, with the ability to translate security requirements into practical, business-aligned solutions
• Strong understanding of Zero Trust architecture and modern security frameworks
• Familiarity with DevSecOps practices and CI/CD integration
• Detail-oriented with a strong security mindset and ability to think proactively.
• Strong written and verbal communication and collaboration skills

Preferred Qualifications:

• Bachelor's degree in computer science, Information Security or related field.
• Certifications such as CISSP, CISM or vendor-specific IAM certifications
• Experience in the retail industry or other high-volume, customer-facing environments
• Knowledge of CIAM (Customer identity & Access Management) and Identity Governance

We know our colleagues work tirelessly to make JD Sports the success it is today and in turn, we offer them some amazing benefits including staff Discount On JD Group and other brands within the organisation and personal development opportunities to learn and develop at work.

Thank you for your time

#JD

Other details

• Job Family Head Office Lead
• Pay Type Salary
• Employment Indicator Permanent

Apply Now