Senior Identity & Access Management Engineer

Job Title
Senior Identity & Access Management Engineer

Job Description
Reporting to the Infrastructure Team Manager or Functional Director, the Senior Identity & Access Management Engineer is responsible for delivering and supporting high-quality services and systems that enable and empower our colleagues across the organisation. As a key technical contributor, the Senior IAM Engineer plays an important role in designing, implementing, and maintaining identity and infrastructure solutions through strong collaboration within the team and across Sage.

You will work as part of a supportive and experienced team, where you'll receive the coaching and development needed to succeed in your role, while also contributing your expertise to mentor junior team members and share best practices. You will support the delivery of projects and continuous improvement initiatives, working closely with peers and stakeholders to ensure high standards of quality, reliability, and performance.

You will work closely with the Principal Identity Engineer to help define and deliver our strategy and Roadmap. Supporting his technical vision with your extensive experience.

*** Please note this is a hybrid role - you will work 3 days a week from our Newcastle office. ***

Key Responsibilities
Key Responsibilities include:

o Delivery and maintenance of robust technical solutions, including the configuration and management of both on-premise and cloud-based systems such as Entra ID, Active Directory, and supporting services like Multi-Factor Authentication, Conditional Access, Public Key Infrastructure, and DNS.

o Use of scripting and automation tools, particularly PowerShell, to streamline identity and access management operations and develop efficient, repeatable workflows

o Contributing to all phases of project delivery, including technical design, implementation, configuration, and documentation, while collaborating with technical leads and stakeholders throughout the lifecycle.

o Appling security best practices to identity and access management, including security hardening, privileged access controls, and audit measures, helping to ensure systems are secure and compliant.

o Collaborating effectively with cross-functional teams, aligning identity solutions with business and security requirements. Communicate clearly with both technical and non-technical stakeholders to ensure shared understanding and alignment.

o Commitment to staying updated on industry trends, emerging technologies and advancements in cloud identity and access management. Proactive in seeking out professional development opportunities.

o Being curious with a growth mindset and a proven ability to troubleshoot and resolve complex issues with experience in root cause analysis and the development of preventive measures to enhance system reliability.

o Supporting adoption of new technologies and tools, assisting with evaluations and sharing insights with the wider team to drive innovation and continuous improvement.

Requirements:

o Extensive experience with Active Directory and Entra ID, specifically areas like Conditional Access / Identity Protection / MFA / Domain Controllers / DNS / DHCP.

o Knowledge of Securing Identity Platforms such as Privileged Identity Management (PIM) and Role-based Access Control (RBAC).

o Familiarity with security tools and practices such as, Entra ID Governance, Defender for Identity, Microsoft Sentinel, Group Policy hardening, and Secure LDAP.

o Knowledge of Azure Security Centre features related to identity security.

o Proficiency in implementing and managing Entra ID B2B for external user collaboration.

o Experience with Entra Connect for integrating on-premise Active Directory with Entra ID.

o Proficiency in scripting languages such as PowerShell for automating Entra ID tasks and configurations.

o Experience with Infrastructure as Code (IaC) tools for managing Azure resources.

o Knowledge of Entra ID Graph API and Microsoft Graph API for programmatically managing Entra ID resources.

o Understanding of DNS principles, design and configuration.

o Integration of DNS services with Active Directory and Entra ID for name resolution and identity verification.

o Experience with implementing and managing Public Key Infrastructure (PKI) solutions.

o Knowledge of digital certificate management, including issuance, renewal, and revocation processes.

#LI-JM2

Function
IT

Country
United Kingdom

Office Location
Newcastle

Work Place type
Hybrid

Advert
Working at Sage means you're supporting millions of small and medium sized businesses globally with technology to work faster and smarter. We leverage the future of AI, meaning business owners spend less time doing routine tasks, like entering invoices and generating reports, and more time pursuing their ambitions.

Our colleagues are the best of the best. It's why we were awarded 2024 Best Places to Work by Glassdoor. Because to achieve extraordinary outcomes, we need extraordinary teams. This means infusing Sage with people who knock down barriers, continuously innovate, and want to experience their potential.
Learn more about working at Sage: sage.com/en-gb/company/careers/working-at-sage/
Watch a video about our culture: youtube.com/watch?v=qIoiCpZH-QE

We celebrate individuality and welcome you to join us if you embrace all backgrounds, identities, beliefs, and ways of working. If you need support applying, reach out at careers@sage.com.
Learn more about DEI at Sage: sage.com/en-gb/company/careers/diversity-equity-and-inclusion/