Security Identity Enterprise Services Principal in City of London

The organisation is progressing through a multi‑year transformation programme focused on modernising its infrastructure and application landscape. Over recent years, it has adopted cloud‑native operating models, resilient hybrid platforms, and software‑defined data centre capabilities.

The Enterprise Services Principal Administrator (Identity) will be accountable for the end‑to‑end management of identity, access, and core infrastructure platforms across on‑premises, hybrid, and cloud environments. This includes Microsoft Entra ID, Active Directory, hybrid identity services, privileged access tooling, and Zero Trust Network Access solutions.

The role is instrumental in shaping and delivering the next phase of the organisation’s identity and infrastructure evolution. It requires close collaboration with Infrastructure, Security, and Architecture teams, ensuring a secure, scalable, and modern enterprise platform for the next 3–5 years.

• Lead identity and access management across Entra ID, Active Directory, hybrid identity, AD Connect, SSO, Conditional Access, and identity tiering.
• Provide subject matter expertise across infrastructure technologies including Linux, Kubernetes, Docker, VMware VCF, Azure, AWS, backup/DR, and ZTNA.
• Define, maintain, and communicate long‑term (3–5 year) identity and infrastructure roadmaps.
• Implement governance processes, standards, and architectural guardrails.
• Drive cloud adoption, hybrid identity modernisation, and alignment with Information Security and Enterprise Architecture.

• Lead identity‑focused transformation programmes, migrations, and security uplift initiatives.
• Deliver modernisation efforts across hybrid identity, authentication, and access control.
• Provide hands‑on support and mentorship to internal teams.
• Champion automation through IaC (Terraform, Ansible, GitLab).
• Ensure high‑quality, standardised technical output across projects.

• Oversee operational support and BAU services across identity platforms.
• Maintain uptime targets (SLA 99.999) through proactive monitoring and strong incident response.
• Identify risks and maintain architectural integrity.
• Participate in the on‑call rota.

• Build strong working relationships across technology and business functions.
• Communicate complex identity and infrastructure topics clearly.
• Deliver internal presentations to support organisational alignment.
• Advise and challenge stakeholders constructively to drive improved outcomes.

• In‑depth experience with Microsoft Entra ID across the full identity plane (beyond licensing).
• Strong understanding of authentication methods, Conditional Access, SSO, app integrations, and Zero Trust principles.
• Experience with hybrid identity architectures including AD, AD DS, AD Connect, and identity lifecycle flows.
• Knowledge of role‑based access control, PIM, Just‑in‑Time access, and delegated administration.
• Experience implementing identity tiering models.

• Experience with enterprise privileged access tools, including but not limited to:
• Active Roles
• Privileged password and session management platforms
• Linux authentication services

• Experience across: Azure and AWS, Kubernetes, Docker, Linux (Ubuntu / Red Hat), VMware VCF, Backup & DR solutions.
• Strong IaC experience (Terraform, Ansible) and CI/CD pipelines (GitLab).
• FinOps and cloud cost‑optimisation experience preferred.

• Experience responding to or supporting recovery during cyber incidents.
• Strong understanding of infrastructure security concepts: firewalls, routing, IDS/IPS, ZTNA, load balancing.
• Working knowledge of Zero Trust Network Access services.

• Preferred certifications include: Microsoft Entra / Azure identity or administrator certifications, Security certifications (CISSP, CISM, SSCP, etc.), Kubernetes certifications (CKA/CKAD), Linux, VMware, or automation certifications.