Job Description
[Up to c. £225k Comp Package | Hybrid Working - 3 Days in Office]
We’re partnering with a market-defining pensions investment firm undertaking a major multi-year transformation of its technology and security stack. Backed by full executive sponsorship, they’re modernising cloud- architecture, overhauling their platforms, and embedding security engineering into every layer of infrastructure delivery. With responsibility for safeguarding over £65 billion in assets and millions of pension holders, this is a high-impact opportunity to shape the fabric of a business where your work will be operational, not theoretical - influencing every application, platform and access point across the estate...
Key Responsibilities
- Lead design and hands-on delivery of secure Identity & Access Management (IAM) capabilities across cloud- and SaaS platforms (AWS, Azure, internal systems)
- Build scalable lifecycle workflows, including access provisioning, deprovisioning, RBAC/ABAC models, just-in-time access, and directory integrations
- Automate governance processes via policy-as-code frameworks, IaC pipelines and audit/attestation tooling
- Integrate IAM controls into CI/CD pipelines, infrastructure delivery, and developer workflows, ensuring consistent security guardrails from build to production
- Partner with security architects, developers, and DevOps engineers to embed controls into broader security architecture design
- Support secure federation and SSO integrations across SAML, OIDC, SCIM and modern authentication protocols
- Translate regulatory and compliance needs into technical controls that balance security, usability and engineering agility
- Continuously refine IAM capabilities in response to emerging threats, platform evolution, and business growth
- Collaborate closely with leadership to provide governance oversight, reporting and risk visibility for -related access controls
What You’ll Bring...
- 4-10 years’ experience in Security Engineering or Software Engineering roles, with 2+ years directly focused on IAM
- Proven delivery of IAM capabilities within cloud- environments (AWS or Azure), including lifecycle and access governance
- Practical knowledge of authentication and authorisation protocols including SAML, OIDC, OAuth2, SCIM, LDAP, and federated models
- Hands-on experience with cloud- IAM tools such as AWS IAM, Azure AD, Okta, Saviynt or equivalent directory services
- Strong automation skills across policy-as-code frameworks (OPA), infrastructure-as-code (Terraform), and CI/CD integration
- Familiarity with Zero Trust architecture principles and evolving access control models
- Solid understanding of security control frameworks such as NIST, ISO27001 or CIS Benchmarks, as they apply to access management
- () Prior experience in financial services, risk management, pensions, or insurance industries
- () Certifications such as CISSP, CCSP, or IAM/cloud-focused security qualifications