Title:  IAM Technical Analyst

Secure our digital future through identity excellence

As an IAM Technical Analyst, you will be reporting into the Identity & Access Management team and working closely with internal IT teams and external partners supporting delivery of Cadent’s IAM roadmap into an ITIL disciplined environment, delivering IT services in a multisource model to an enterprise of 7000+ employees and external workers in a regulated utility.

The IAM team aim to enhance the user experience for colleagues by simplifying, improving, and automating access to systems & data for our digital identities including Privileged Access Management (PAM). We work with internal and external partners to improve provisioning and revocation of access to resources, ensuring access is authenticated and limited, based upon principle of least privilege. Accountable for the ongoing development and deployment of automated access management processes and integrations focussed on Cadent’s non-SAP platforms and systems (Microsoft Active Directory, Entra ID and MS 365). We aim to enhance governance to improve management of digital identities including privileged access, protecting Cadent’s network to meet regulatory obligations (NCSC CAF), aligned to strategy and best practice.

Why you'll love this role:

This is a hands-on technical role, where you will be working with industry standard tools where your skills and expertise will involve:

• Technical delivery – Implement, support and optimization of IAM and PAM services across the enterprise including SSO enablement of new SaaS applications and technical input and support to other projects and programmes.
• Technical assurance – ensuring Change Management process is adhered to and technically validated to protect live service.
• Security & Compliance – Ensure alignment with NCSC CAF and regulatory obligations, development, management and adherence to IAM Standard Operating Procedures (SOPs), support for internal and external IAM security audits.
• Automation & Integration – Drive improvements in provisioning, revocation, and access governance.
• Collaborative culture – Collaborate across IT, business, and vendor teams to deliver secure solutions.
• Continuous Improvement – Champion innovation and efficiency in identity management including maintenance plans and roadmaps to maintain the health of services.

What you'll bring:

• Education & Certifications – Degree in IT or Cybersecurity, ITIL Foundation, and ideally CIAM, CISSP or CISM.
• Extensive hands-on experience in IT; specifically, Microsoft Active Directory (AD), Entra ID and MS 365, with a good knowledge of system technologies, monitoring tools, processes, and incident handling in a 24x7x365 support environment.
• Experience of configuring, implementing, developing, and supporting complex solutions. Evidence of vendor/ stakeholder management qualities.
• Technical curiosity, ensuring continuous skills refresh, with cutting edge and new to market technologies explored, understood, and assessed.
• Experience and understanding with different delivery methods and tools including Waterfall, Agile, SCRUM, Prince2, KANBAN and JIRA.
• Experience of building relationships and working with a variety of stakeholders, supported by interpersonal and communication skills at all levels, with the ability to translate complex IT issues into business related vocabulary.
• Experience and understanding of ITIL framework and ITSM tools, specifically ServiceNow.
• Experience working in a regulated utility industry desired.
• Experience and understanding of UK Data Privacy legislation.

Technical knowledge or qualifications highly desirable in the following areas:

• Identity and Access Management, specifically Microsoft Active Directory (AD), Entra ID and MS 365 including Entra Connect, app registrations, certificate and password management for user and machine authentication.
• Deep knowledge of SAML, OAuth, OpenID Connect, SCIM, MFA and federation protocols.
• HR Provisioning, specifically SAP SuccessFactors to AD / Entra ID).
• Experience with Microsoft Entra ID Conditional Access, Defender for Identity, and Entra Permissions Management including PIM.
• Strong understanding of Cyber security principles including zero-trust, privileged access management (PAM), Just-In-Time (JIT) access, Role Based Access Control and adaptive authentication.
• Privileged Access Management, specifically CyberArk suite.
• Experience of integrating applications with IGA solutions using a variety of APIs and protocols such as Web service protocols REST/SOAP, LDAP, csv.
• Hands-on experience with identity automation; PowerShell scripting / MS Graph API, and other API-based integrations.
• Data Lifecycle management tools such as Microsoft Defender & Microsoft Purview.
• NCSC Cyber Assessment Framework (CAF).
• DevOps and cloud security best practices in AWS/Azure environments