Assistant Vice President, Authentication and Directory Services

MUFG, one of the world’s most respected financial groups, is seeking an Authentication and Directory Services Engineer AVP to join their IT Security team in London. The role supports critical authentication and directory services across EMEA, focusing on Microsoft Active Directory, Azure AD, SSO, MFA, Conditional Access, and automation scripting.

What you'll do:

• Act as the senior analyst responsible for technical engineering of Microsoft Active Directory (AD) and Entra ID (Azure AD) services across EMEA.
• Implement and maintain advanced security protocols including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Conditional Access policies, ensuring compliance with regulatory frameworks such as SOX and GDPR.
• Manage onboarding and offboarding of applications to authentication services, facilitating seamless integration with SSO solutions.
• Serve as the primary escalation point for complex issues related to authentication failures, directory synchronisation, and access management; resolve BAU incidents through thorough troubleshooting and analysis.
• Support the development of strategic direction for Authentication & Directory Services by contributing technical insights and collaborating with other teams within MUFG.
• Create and maintain comprehensive technical guides that communicate complex information clearly to both peers and less experienced colleagues.
• Oversee daily management of authentication platforms by monitoring service availability, health metrics, performance alerts, and maintaining operational documentation.
• Balance technical guidance against business risk to provide well-considered advice during incident investigations, problem resolution, and project decision-making processes.
• Initiate proactive improvements for standard operating procedures using available tools to evidence issues and escalate them appropriately.
• Develop scripts in PowerShell or Python to automate user account management tasks, reducing manual errors and enhancing efficiency.

What you bring:

• Deep knowledge of directory structures, authentication protocols (including SAML, OAuth, Kerberos), hybrid identity scenarios, and Microsoft Active Directory both on-premise and Azure AD environments.
• Proven experience with Quest AD management tools such as Quest Change Auditor and Quest Recovery Manager for effective auditing and recovery operations.
• Expertise in configuring Single Sign-On methods/protocols alongside Active Directory Federated Services (ADFS) and Certificate Services (ADCS).
• Advanced scripting abilities using PowerShell or Kusto Query Language (KQL) for automating user account management tasks.
• Ability to articulate complex technical instructions clearly in plain English for diverse audiences including senior stakeholders.
• Experience supporting large-scale global organisations with over 10,000 users; familiarity with financial regulations such as SOX compliance is highly desirable.
• Strong understanding of Identity Threat Detection & Response (ITDR) methodologies; capable of auditing access rights and monitoring suspicious activity effectively.
• Excellent communication skills combined with results‑driven accountability; able to operate with urgency while prioritising workload efficiently.
• Structured approach to work with exceptional attention to detail; adept at managing tight deadlines without compromising accuracy.
• Degree in technology‑related discipline preferred; financial services experience considered advantageous.

We are open to considering flexible working requests in line with organisational requirements.

What's next:

If you are ready to take your expertise in authentication services to new heights within a globally respected financial institution—apply now!

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.

We make our recruitment decisions in a non‑discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.