Lead Security Architect – Identity and Access Management (IAM)

Job Description:

Lead Security Architect – Identity and Access Management (IAM)

Permanent

London / Staines / Manchester (Hybrid Working)

We make health happen

At Bupa, our purpose is simple but powerful — helping people live longer, healthier, happier lives and making a better world. We’re a global healthcare provider and insurer with no shareholders, which means our customers come first in everything we do.

As our Lead Security Architect – IAM, you’ll play a key role in protecting the digital identities of our people, customers, and partners. You’ll help shape and deliver a secure, scalable, and user-friendly identity and access management strategy that supports our digital transformation and keeps our systems safe.

This is your chance to join a team that’s passionate about innovation, security, and making a real difference to people’s lives.

As our Lead Security Architect – IAM, you’ll:

• Define and maintain our enterprise IAM architecture, aligned with Zero Trust principles.
• Develop reusable design patterns and reference models for IAM services like identity lifecycle, RBAC/ABAC, SSO, MFA, and PAM.
• Lead the integration of IAM solutions across cloud, SaaS, and on-prem platforms including Azure, GCP, Kubernetes, and legacy systems.
• Evaluate and select IAM technologies such as Entra ID, Okta, CyberArk, and SailPoint.
• Design scalable identity governance and administration (IGA) solutions for staff, customers, and third parties.
• Collaborate with teams across Cybersecurity, Risk, Engineering, and Compliance to embed IAM controls.
• Stay ahead of emerging trends like decentralised identity and passkeys and guide architectural innovation.
• Provide expert consultancy during audits, incident response, and solution design.
• Support internal and external risk, compliance, and audit reviews.

We’re looking for someone who brings deep technical expertise and a collaborative mindset. You’ll need:

• 7+ years’ experience in IAM, security architecture, or cloud engineering with a strong IAM focus.
• Proven experience designing and implementing enterprise IAM strategies.
• Strong knowledge of IAM governance, access reviews, and compliance frameworks.
• Hands-on experience with platforms like Azure AD, Okta, SailPoint, CyberArk, and BeyondTrust.
• Familiarity with identity protocols (SAML, OAuth2, OpenID Connect) and Zero Trust models.
• Experience with hybrid and multi-cloud environments, including Kubernetes and SaaS integrations.
• Relevant certifications (e.g. SC-300, CIAM, CISSP, CCSP, SABSA) are a plus.
• Excellent communication skills — able to explain complex ideas to technical and non-technical audiences.
• A passion for continuous improvement and a proactive approach to problem-solving.

Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family-friendly benefits.

Joining Bupa in this role, you’ll receive the following benefits and more:

• 25 days holiday, increasing through length of service, with the option to buy or sell
• Enhanced parental leave
• Company-matched pension scheme
• Annual performance-based bonus
• Private medical insurance
• Access to our health assessments and wellbeing services
• Discounts on Bupa products and services

We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.

We encourage all of our people to “Be you at Bupa”, we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That’s why we especially encourage applications from people with diverse backgrounds and experiences.

Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We’ll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them.

Time Type: Full time

Job Area: IT

Locations: Angel Court, London, Bupa Place, Staines - Willow House