Security Architect Identity and Access Governance

Key Responsibilities:

Identity & Access Governance:

• Oversee a program aimed at reviewing and enhancing our internal Joiner, Mover, Leaver (JML) processes before engaging in the market for an IAG solution.
• Leverage your expertise in delivering enterprise-scale IAG solutions such as SailPoint, Entra, and OneIdentity.
• Design and implement a robust role-based access service.

Data Governance:

• Lead initiatives to refine our data governance and handling processes ahead of Microsoft Purview implementation.
• Utilize your experience in delivering Data Loss Prevention (DLP) and comprehensive data governance solutions.

Essential Skills:

• Extensive experience delivering security within IT infrastructure, from requirements gathering to detailed design stages, ensuring solutions align with business risk appetite, standards, and regulatory requirements.
• Proven track record with Microsoft Purview, DLP, and Data Governance, with a preference for those with Identity Access & Governance experience.
• Capability to support and occasionally stand in for the Lead Security Architect, contributing to the IT security strategy and service delivery.
• Ability to provide advice and guidance to colleagues and the business, ensuring secure solutions are developed in line with technical governance processes, policies, and standards.
• Experience in applying security standards and assessing risk and compliance for large-scale solutions (e.g., 5000+ endpoints).
• Proven ability to implement security infrastructure solutions, ideally including SIEM, Access Governance, SASE, or Endpoint Protection.
• Strong understanding of information security standards such as ISO 27001, ISF, and NIST.
• Familiarity with OWASP and CIS industry security guidance and their application within the enterprise.
• Experience with risk assessment frameworks and the Cyber Assessment Frameworks, ensuring systems and services meet security requirements.
• Ability to identify and assess business and technical security requirements, including associated risks and potential weaknesses.
• Expertise in applying confidentiality, integrity, and availability (CIA) triad controls to meet regulatory requirements.
• Skilled in reviewing vulnerability and penetration test reports, providing guidance on necessary remedial actions.
• CISSP (Certified Information Systems Security Professional) certification or equivalent preferred.

Desirable Skills:

• Experience in the Utilities industry is a plus.

This role is Inside IR35.

6 Month contract (View to be extended)

£650-£750p/day

Hybrid (2/3 times per month on site)

If you are interested in this role, please don't hesitate to get in touch ASAP. This client is looking to move very quickly.