Identity and Access Manager

Join to apply for the Identity and Access Manager role at The MDU.

Manager: CISO

Department: Cyber Security

Division: Enterprise Information Technology Services

Location: London, Hybrid

Identity is a core security component in any modern IT estate, ensuring the right people, machines and software components have access to the correct resources at the appropriate time, while preventing unauthorised access and maintaining a secure environment.

The Identity and Access Manager role heads up this crucial security function within the Cyber Security Team and will lead the strategic development and operational management of identity services, develop and manage identity and access tooling and processes to ensure mature, efficient and secure working practices, advocate for best practices, and ensure compliance and risk‑management standards are met.

• Lead the Identity and Access function within the Cyber Security team, covering Access Management, Identity Governance and Administration, Role‑Based Access Control, Privileged Access Management, Identity Threat Detection and Response, Access Certification and Identity Data Management & Analytics.
• Ensure that only authorised identities have access to relevant data and systems, working with department heads, team leads and system owners to establish appropriate access levels.
• Develop and maintain the IAM roadmap to deliver key initiatives, collaborating with Enterprise Architects to embed identity security principles from design.
• Work with and manage external suppliers to mature identity security, regularly testing processes for effectiveness.
• Collaborate with Cyber Security and the wider Enterprise Information Technology Services operations teams to ensure smooth operations and investigations into identity security events.
• Provide regular management information and reporting on the current state of identity‑related risks and controls, while managing a programme to continually reduce identity and access risks.
• Stay abreast of emerging and developing security threats, tactics and techniques; help senior leadership understand potential problems, including those arising from acquisitions or other business initiatives.
• Oversee the management and development of identity security tooling.
• Assist the CISO, as required, in wider Cyber Security management.

• Proven experience in a similar role within a mid/large‑sized organisation, preferably in the Financial Services or Insurance sectors.
• Strong technical skills and experience with IAM technologies such as Sailpoint, CyberArk and Entra ID.
• In‑depth knowledge of identity and access management concepts, such as RBAC, Conditional Access and Zero Trust.
• Experience streamlining processes, including introducing automation.
• Cyber security subject‑matter expert with relevant certifications such as CISSP, CISM, CSSP or equivalent.
• Extensive experience consulting on projects, building security requirements and ensuring services go‑live with minimal security risk.
• Strong understanding of new and emerging cyber threats and technologies.
• Knowledge of relevant legislation and regulations within the UK Insurance and Financial Services market.
• Strong analytical and problem‑solving skills with a strategic mindset and attention to detail.
• Excellent written and verbal communication skills, able to articulate complex concepts to non‑technical stakeholders.

• A strong collaborator: excellent relationship‑building and communication skills, able to engage people from diverse cultures and different levels.
• Adaptable and responsive to the changing cyber landscape and corporate objectives.
• Can work on own initiative while also collaborating with project teams on tight timescales.

Mid‑Senior level

Full‑time

Information Technology