Director - Identity and Access Management

Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks facing PwC's clients. In recent PwC research, cyber security continues to rank as the top risk in the minds of CEOs globally, with 91% of UK CEOs rating it as a significant concern. Organisations are operating in an environment of rapid digital transformation, disrupted supply chains and increasingly dynamic workforces. PwC helps clients transform with confidence. Our Cyber Security practice enables organisations to execute change securely and to build long‑term cyber resilience.

Operating nationally, we serve clients holistically, combining strategy, risk and governance advisory with deep technical delivery and assurance capabilities. As one of the largest cyber security consulting practices in the UK, we have over 250 practitioners. Our team spans trusted business advisors working with boards and executive leadership, large‑scale transformation specialists delivering complex programmes, and deep technical subject matter experts who design, implement and operate critical security controls. Driven by growing client demand and the increasing complexity of cyber risk, our practice is experiencing sustained growth. Helping our clients gain confidence in their digital future is a core priority for the firm, and cyber security remains a key strategic growth area for PwC.

PwC UK provides market‑leading Identity and Access Management (IAM) advisory, assurance and delivery services that deliver distinctive value and enable clients to optimise their digital business services securely. Our approach brings together business insight, technical depth and industry experience to place digital identity at the centre of enterprise transformation. We support clients across the full IAM lifecycle, from strategy and operating model design through to technology implementation and optimisation. We help organisations address a broad range of IAM challenges, including enabling digital and cloud transformation, governing and securing access, managing identity during mergers and divestments, improving workforce and customer experience, and evolving towards more risk‑based, automated and intelligence‑driven identity models.

To remain relevant and competitive in a rapidly changing world, PwC requires purpose‑led, values‑driven leaders at every level. Our global leadership framework, the PwC Professional, sets out the expectations, behaviours and capabilities required to succeed and progress across our firm. As a Director in Identity and Access Management, you will lead teams of specialists to solve complex client challenges from strategy through to execution. You will play a pivotal role in shaping and delivering IAM strategies that enable secure, efficient and resilient access across complex enterprise environments. You will lead large‑scale IAM programmes spanning workforce, customer and non‑human identities, including the design and deployment of technologies such as CyberArk for Privileged Access Management, Microsoft Entra and Active Directory, Okta for identity and authentication, and Saviynt for identity governance and administration.

What your days will look like:

• Leading the development and delivery of IAM strategies, operating models and transformation roadmaps across multiple sectors.
• Providing senior leadership across complex IAM programmes, often comprising multiple workstreams and technologies.
• Advising clients on IAM best practices, standards and regulatory requirements (e.g. GDPR, ISO 27001, NIST).
• Embedding Zero Trust principles and risk‑based access models into client IAM architectures.
• Driving business growth through the expansion of IAM offerings and trusted client relationships.
• Leading, mentoring and developing high‑performing IAM and cyber security teams.
• Evaluating emerging IAM technologies and approaches, ensuring PwC remains at the forefront of the identity market.
• Maintaining a strong understanding of evolving IAM standards, protocols and regulatory developments.

The role is for you if:

• Extensive experience designing and delivering IAM solutions across large, complex and regulated environments.
• Strong hands‑on and architectural experience with leading IAM platforms, including CyberArk, Microsoft identity technologies (Active Directory, Entra ID), Okta, Ping, Sailpoint, Saviynt etc.
• Demonstrable experience implementing IAM within Zero Trust architectures.
• Deep understanding of identity capabilities, including access management, federation, identity governance, privileged access, certificate and key management, and non‑human identity security.
• Strong knowledge of authentication and authorisation standards and protocols (e.g. OAuth 2.0, OpenID Connect, SAML, Kerberos).
• Experience aligning IAM capabilities with broader cyber security, cloud and enterprise architecture strategies.
• Proven ability to communicate complex technical concepts clearly to senior executives and technical stakeholders, translating IAM outcomes into business value.
• Experience delivering IAM solutions in line with recognised frameworks and standards such as NIST, ISO 27001 and CSA.
• Experience advising on modern identity capabilities, including Identity Threat Detection and Response (ITDR), Identity Security Posture Management (ISPM) and shared IAM services frameworks.
• Extensive experience in cyber security roles, with a significant focus on Identity and Access Management.
• Bachelor's degree in computer science, Information Systems or a related discipline, or equivalent professional experience.

Preferred Qualifications:

• Knowledge of Public Key Infrastructure (PKI), certificate lifecycle management and cryptographic services.
• Awareness of emerging concepts such as crypto‑agility and quantum‑resilient identity and encryption approaches.
• Experience operating IAM at scale within cloud‑first and hybrid environments.
• Relevant professional certifications such as CISSP, CISM, CIAM, SABSA or equivalent.

What you'll receive from us:

No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions. We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more.

Travel Requirements: Up to 20%

Available for Work Visa Sponsorship? Yes

Government Clearance Required? Yes