IAM Systems Engineer
Job Description
[Up to c. $425k Comp Package | Hybrid Working]
Role Overview
We’re working with a leading technology-driven investment firm whose success is built on world-class engineering, scientific rigour, and an unwavering focus on secure systems design. The firm is seeking an accomplished Identity & Access Engineering Specialist to join its Platform Engineering function - the team responsible for the architecture and reliability of the firm’s core computing environment. You’ll take ownership of key identity and authentication frameworks, shaping how thousands of users and systems authenticate and interact securely across on-prem and cloud platforms. This is a highly technical, hands-on role suited to an engineer who enjoys the precision of protocol-level work, the discipline of systems integration, and the intellectual challenge of safeguarding a complex distributed environment...
Key Responsibilities
- Lead the design, delivery, and operation of enterprise identity platforms, ensuring consistent, secure, and performant authentication across heterogeneous environments
- Introduce and integrate modern, passwordless authentication solutions (FIDO2, YubiKeys, Windows Hello, Passkeys) into production systems
- Oversee the deployment and lifecycle of core identity services including Active Directory, AD Federation Services, AD Certificate Services, and Entra ID
- Collaborate on strategic projects such as secure remote access from employee-owned devices and cross-platform certificate enrolment
- Partner with infrastructure and security engineering teams to align identity models with broader Zero-Trust and compliance strategies
- Engineer and maintain authentication and authorisation frameworks built around protocols such as Kerberos, PKI, and OIDC
- Act as a subject-matter expert on identity architecture, advising senior stakeholders on roadmap, governance, and best practice
- Document technical designs and operational procedures to ensure transparency, scalability, and continuity across teams
What You’ll Bring...
- 6-11 years’ hands-on experience in Identity & Access Management, security engineering, or systems infrastructure within complex enterprise or financial environments
- In-depth understanding of core authentication protocols - Kerberos, PKI, OIDC, and FIDO2
- Practical scripting ability (e.g. Python or PowerShell) for automation and integration tasks
- Proven experience administering and integrating Active Directory, ADFS, ADCS, and Entra ID
- Strong working knowledge of passwordless authentication technologies, including hardware-based and biometric options
- Familiarity with certificate management, key infrastructure, and access federation across multi-platform estates
- Strong communication and collaboration skills, capable of translating technical constraints into clear strategic recommendations
- (Preferred) Academic background in Computer Science, Engineering, Applied Mathematics, or a related discipline
- (Preferred) Experience contributing to identity design in highly regulated or mission-critical systems