IAM Architect - Microsoft in Hampshire

Identity & Access Management Architect

Up to £90k + 15% Annual Bonus

Basingstoke, Hampshire

Once a week onsite

middle has partnered with a global enterprise organisation to hire an (IAM) Identity & Access Management Architect, who will take ownership of the on-premises Active Directory estate within a complex hybrid identity environment. There will be crossover across Microsoft Entra ID and Active Directory, working closely with cloud and infrastructure teams to evolve the broader IAM strategy.

In this role, you will have the independence to identify and implement new technologies, process improvements and automation across the identity domain. Youll have the opportunity to build a robust, modern and secure IAM platform that can automate, protect and scale across the enterprise.

The Role

• Lead modernisation and optimisation of the enterprise Active Directory infrastructure
• Drive improvements across hybrid identity (on-prem & cloud synchronisation and source of authority evolution)
• Design and deliver complex identity infrastructure projects (e.g. certificate authority rollout, domain consolidation, authentication modernisation)
• Evaluate and implement modern authentication methods such as FIDO2
• Support identity integration across manufacturing and operational technology (OT) environments
• Lead identity infrastructure initiatives end-to-end, owning delivery from initial concept and design through to implementation and operational handover
• Collaborate on identity infrastructure pipelines and automation
• Contribute to strategic and roadmap decisions for the enterprise IAM estate
• Mentor junior engineers and shape identity engineering standards
• Manage stakeholders across IT, OT, Senior Leadership, Information Security, Cyber, Cloud Infrastructure, and third-party vendors

The Ideal Candidate

Must Have:

• Extensive enterprise-level experience across Microsoft Entra ID and Active Directory, covering architecture, implementation, governance and roadmap ownership
• Proven architectural background in designing identity infrastructure solutions
• Experience delivering identity modernisation at scale
• Track record leading complex identity infrastructure projects from inception to completion
• Experience operating within large, global enterprise environments
• Enterprise-level Joiner, Mover, Leaver (JML) automation integrations
• Strong understanding of IAM security principles, including governance, least privilege, Zero Trust, modern authentication, and alignment to recognised security frameworks
• Experience delivering Privileged Access Management (PAM) solutions at scale
• Strong stakeholder communication skills
• Ability to mentor and elevate junior engineers

Nice to Have:

• Exposure to FIDO2 or modern passwordless authentication methods
• Experience with ManageEngine or Delinea
• Identity-related certifications

Why Join?

• Opportunity to modernise a large-scale enterprise Active Directory estate with significant improvement potential
• Work across both traditional IT and complex manufacturing/OT environments
• Influence long-term hybrid identity strategy
• Operate at enterprise scale with real architectural impact

You must already have the right to work in the UK. No sponsorship is available.