EWT Infosec | IAM Technical Security Consultant - Manager

This role is within the Security Architecture Consultancy sub-team who provide specialist security advice collaborating with technical and business teams throughout the entire or part of a digital solution’s life cycle.  The team owns and develops Security Patterns, Security Specifications, and the Threat Modelling Framework, to support secure technology innovation in a changing threat landscape.

The purpose of this role is to advise on and provide direction on Identity and Access Management technical security aspects of technology that are considered, evaluated, or implemented by Enterprise wide and Connected Technology engineering teams. The service works across KPMG to offer advice on varied business products and technology solutions.   

• Lead as an internal Technical Security Consultant as part of our Centre of Excellence function providing IAM technical security direction to the business, Engineering, and IAM operations teams. 
• Collaborate with programmes and projects to help deliver IAM solutions that meet the business need, including any client contractual security requirements, and are compliant with the Enterprise Security Architecture principles – ensuring all applicable controls and patterns are implemented.
• Using threat modelling to provide risk or threat-based advice to programme stakeholders along with actionable recommendations where necessary
• Drive, plan, and execute IAM roadmaps and technology enhancements, supporting the development of supporting Security Patterns and Specifications.
• Architect end-to-end IAM solutions using leading identity governance and privilege access management solutions as well as native Cloud IAM technologies.
• Assess, design, and implement sustainable IAM and PAM solutions, operating processes and people models to address key and evolving risks 
• Manage the scoping of security testing requirements for new systems and material changes to existing ones, with a focus on integrations. 
• Work alongside the technology teams to support submissions to the internal Design Authorities through the creation and review of design and guidance documentation where required. 
• Continually analyse processes, documentation, and workflows through regular dialogue with business stakeholders performing security, operations, and human resource related duties, develop gap analysis and identify and prioritize process improvements based on current risk of components adding professional insight.
• Build IAM capabilities, playbooks and documentation and work with business stakeholders to implement continuous improvements.
• Stay up to date with the latest security trends, vulnerabilities, and best practices to assist with ensuring current applications and architecture align with industry guidelines, best practices, and business approved standards. 

• Minimum 5+ years of professional experience working in the IAM field and supporting services underneath:
  • An operational IAM security role; or
  • IAM Solution or infrastructure design and/or operation and engineering
• Knowledge of security concepts and technologies in the wider Identity and Access management space (Identity Governance, Logical Access Controls, LDAP, RBAC, Authentication solutions, PKI concepts, Privileged Access Management etc.).
• Hands on experience and knowledge in enabling IAM controls securing digital products/solutions in the Cloud (e.g. AWS, Azure, Google, third party SaaS).
• Be able to demonstrate the ability to adapt communication style to explain technical concepts to different people within an organisation whether advising stakeholders, directing teams, or sharing experiences. 
• Experience of successfully working in a fast paced, customer service/regulated environments, delivering high quality information security services
• Be calm in challenging situations, able to navigate through complex security problems to find the root cause and a balanced outcome.

It would be advantageous if you can demonstrate some, or all of:

• Good experience of working in an Agile software development environment including CI/CD pipelines and the integration and use of IAM technologies. 
• Knowledge, experience and certifications relating to Microsoft Entra ID (formerly Azure Active Directory), OKTA, Sail Point, and Cyber Ark. 
• Any technical security certification.