Lead IT Security Specialist in London

This role is centered on global identity and access management (IAM), with a primary focus on Microsoft Entra ID. The ideal candidate may bring experience expertise across the broader Microsoft 365 security ecosystem: Intune, Defender, and Sentinel. This role will help define and execute the roadmap for identity and security technologies while ensuring a secure, compliant, and well-governed environment.

Key Responsibilities

• Serve as SME for hybrid Microsoft Entra ID, by providing strategic guidance, technical leadership, and hands-on support for identity and access management initiatives.
• Configure and manage Conditional Access, PIM, and RBAC to enforce adaptive access controls and identity governance aligned with modern security frameworks emphasizing continuous evaluation of user, device, and session risk.
• Configure and troubleshoot SSO, Provisioning, and any other MFA integrations with enterprise applications.
• Track and incorporate operational/incident trends to evolve enterprise IAM and security posture.
• Troubleshoot and resolve complex identity and endpoint security issues in real time.
• Maintenance of Microsoft Intune, to support device compliance, configuration profiles, and related security controls to improve security postures.
• Maintenance of Microsoft Defender for Endpoint, with a strong understanding of threat protection, attack surface reduction, and endpoint detection and response.
• Maintenance of Microsoft Sentinel, to aid in building and managing analytics rules, workbooks, playbooks, and incident response workflows within a SIEM environment.
• Perform cloud security analysis, configuration assessments, and develop tailored recommendations for internal teams and external clients.
• Provide technical guidance and support for Microsoft 365 E5 security services, including solution design, implementation strategies, and operational optimization.

The ideal candidate

• Minimum of 5 years of experience in IT Security, cloud architecture, IAM or related roles.
• Experience architecting and implementing IAM strategies.
• Solid experience with KQL, PowerShell, and automated policy deployment.
• Experience designing and implementing policies and procedures related to: Cloud tenant security (O365), Conditional Access, PIM, MFA, Auditing, logging, threat detection.
• Bachelor's degree in computer science, cybersecurity, or related technical field (or equivalent experience).
• Preferred certifications: Microsoft certifications such as Identity and Access Administrator Associate, Security Operations Analyst Associate, or Information Protection Administrator CISSP, GIAC, Security+, or other relevant IT security certifications.
• Previous work in technical consulting or client-facing security engineering roles.
• Deep understanding of hybrid Active Directory configurations and cloud-native identity governance.
• Working knowledge of Defender for Cloud, Sentinel playbooks, and advanced security workloads.
• Integration of HRIS or ERP tools with Entra and AD.
• Travel is required. Travel frequency depends on the role requirements.

What we offer

• Exceptional opportunities to learn, grow, and make an impact; from a generous annual professional development allowance for every employee to onsite training and learning conversations with visiting experts.
• Excellent benefits and perks to promote well-being and a healthy work-life balance, including: Generous time off and flexible work arrangements.
• Employer-paid health insurance and dental plans for individuals and families (no employee contribution required).
• Exceptional retirement savings plan (non-contributory for employees) and life insurance.
• Progressive paid parental leave, reproductive and family planning support, and much more.
• A commitment to nurturing a diverse and inclusive workplace, so you can bring your whole self to work and make a positive impact.

Who we are

Open Society Foundations aim to establish vibrant and inclusive democracies where governments are accountable to their citizens. Our operating model organizes grantmaking around specific, time-limited projects, developed alongside support for established partners, enabling us to respond swiftly to emerging needs. We are committed to promoting human dignity, equality, and rights; reimagining democratic ideals and practice; and advancing equity in governance systems. Guided by our founder’s values and the belief in the art of the possible, we engage directly with global entities, individuals, and policymakers through grants, advocacy, impact investing, and strategic human rights litigation to drive positive change. At the heart of our mission is a deep commitment to rights, equity, and justice, inspiring every action we take.

Additional Information

Open Society Foundations is committed to building an inclusive workforce that reflects the communities we serve. We actively seek applications from talented individuals across all backgrounds, identities, and life experiences. Each candidate is evaluated solely on their unique qualifications without regard to race, age, sex, religion, ethnic origin, nationality, gender, sexual orientation, disability, pregnancy, or any other legally protected characteristics. We are committed to providing reasonable accommodations for candidates with disabilities. Competitive rates of pay apply. Open Society Foundations is committed to advancing diversity, equity and inclusion, and to building a diverse staff that reflects the movements, issues and communities that our mission serves. Candidates from all underrepresented backgrounds, identities and communities are encouraged to apply. We are committed to providing reasonable accommodations to applicants and colleagues with disabilities.