Cyber Security IdAM Specialist in Bath

This is a hybrid role based in our Bath head office, you will be responsible for the design, implementation, and management of Identity and Access Management (IdAM) systems and processes to enhance the organisation's IdAM posture across on-premises, cloud, and hybrid environments.

As the technical specialist in this role, you will be responsible for overseeing IdAM systems to ensure robust access control, regulatory compliance, and secure authentication practices. The role involves collaboration with IT, Security, and Governance teams to embed IdAM best practices into the organisation's infrastructure, addressing the diverse needs of on-premises, cloud, and hybrid environments.

Your main responsibilities will include:

• Investigating and responding to identity-related security incidents, including unauthorized access and compromised accounts.
• Aiding in analysing security events, incidents, and threats, by identifying root causes and developing effective countermeasures.
• Collaborating with the Security Coordination Centre (SCC) and Managed Security Service Provider (MSSP).
• Keeping abreast of innovations in IdAM, including advancements in Zero Trust architecture, authentication protocols, and identity analytics.
• Acting as a ‘service manager' for a designated technology area where necessary.
• Monitoring logs for anomalies and analysing access trends to configure identity analytics platforms to detect unusual patterns.
• Developing use cases and mechanisms within SIEM tooling, enabling proactive identification and remediation of threats.
• Providing timely updates and recommendations to senior management and stakeholders, enabling informed decision-making and proactive risk mitigation.
• Collaborating with Governance, Infrastructure, and Development teams to integrate secure-by-design principles into projects, processes, and existing technologies.
• Ensuring new deployments and applications adhere to security standards and IdAM best practices.
• Continuously testing the development and maintenance of secure build standards and profiles for both on-premise and cloud systems.
• Guiding the secure configuration and management of various security tools, sensors, and architectures.
• Optimising and securing configurations for PAM systems and platforms such as Entra ID, Entra PIM, and third-party IdAM platforms.
• Performing regular maintenance and updates to IdAM tools and other tooling, including regular access and permission reviews.
• Proactively identifying areas for improvement by addressing IdAM-related security gaps, implementing risk-based conditional access, transitioning to Zero Trust models, and hardening configurations for systems such as Active Directory, Kerberos, and NTLM.
• Developing and maintaining detailed documentation, including security policies, procedures, playbooks, and incident reports.
• Supporting and mentoring colleagues in techniques, processes, and technical skills.
• Providing considered advice and guidance where security transgressions are detected, employing tact, care, and consideration.

What you will need:

• Knowledge of and skills with core tooling such as PAM, EPM, SIEM, EDR, and NDR platforms.
• Ability to mentor and support junior security team members and apprentices in offensive security techniques, processes, and best practices.
• Experience working on projects to deliver new or improving security solutions, with direct experience working on a range of security systems.
• Ability to use, manage, and maintain various cyber security products.
• Strong understanding of important security concepts and security best practices.
• Strong experience analysing events, incidents, and threats in cloud infrastructure.
• Strong experience analysing events, incidents, and threats in on-premise infrastructure.
• Hugely enthusiastic about security, always keen to promote security awareness and looking for areas where security may be improved.
• Strong written communication skills, with experience of documenting policies, procedures, security requirements, and reporting for consumption at all levels up to, and including, senior management.
• Strong verbal communication, with the ability to clearly explain security requirements and important security concepts.
• Strong knowledge of security protocols, technologies, and best practices.
• Knowledge of common cyber security threats and application of countermeasures.
• Great knowledge of Tactics, Techniques and Procedures (TTP) e.g., MITRE ATT&CK Framework and MITRE ATT&CK for ICS.

What you will receive:

• A combined pension contribution of up to 20%.
• Career progression and professional development opportunities.
• 25 days' holiday rising to 28 with length of service.
• The opportunity to buy up to ten days' holiday and sell up to five every year.
• A healthcare package that allows you to claim back healthcare costs.
• Life assurance of up to eight times your salary.
• A new electric car in exchange for part of your gross salary, subject to conditions.
• Cashback and discounts from more than 3,000 retailers.
• One paid volunteering day each year.
• Enhanced family leave and pay arrangements.
• An interactive health and wellbeing platform.
• Support from mental health first aiders.
• A £1,000 referral fee if you recommend someone to work for us.

Who we are:

YTL UK is part of the international YTL Group based in Kuala Lumpur. The UK companies include Wessex Water, YTL Developments, YTL Construction UK, and YTL Arena, among others. Our people tell us that YTL UK is a great place to work, which is why so many of them stay with us! We are passionate about diversity and inclusion – with that in mind, all applicants are welcome. We are delighted to have signed the Armed Forces Covenant and are a Disability Confident Employer. If you require reasonable adjustments to be made during the recruitment process, please inform a member of our Recruitment team.