Cyber Security IdAM Senior Specialist in Bath

Based at least 2 days a week in our Bath Head Office, you will report to the Cyber Security Engineering Team Leader. You will develop the Cyber Security Identity and Access Management (IdAM) functions, deliveries and continuous improvement of identity security across the organisation. You will ensure identity security operates as a strategic control pillar rather than a reactive support function.

The Cyber Security IdAM Senior Specialist drives the operational effectiveness, resilience and continuous improvement of the organisation's Identity and Access Management capabilities. The role ensures robust access control, secure authentication standards and regulatory alignment across on-premises, cloud and hybrid environments. It provides senior technical authority in identity security, working across IT, security, governance and business teams to embed best practice, reduce identity-related risk exposure and enhance the organisation's overall security posture.

In particular, you will:

• Investigate and resolve identity-related security incidents, including unauthorised access, privilege misuse and credential compromise.
• Develop and refine SIEM detection use cases and identity-centric analytics to enable earlier identification and containment of threats.
• Drive adoption of evolving identity security practices, including Zero Trust principles, modern authentication standards and identity analytics.
• Deliver roadmap enhancements to ensure IdAM capabilities remain aligned to the threat landscape and business risk profile.
• Act as technical service owner for key security platforms, ensuring performance, resilience and continual optimisation.
• Oversee monitoring and analysis of identity telemetry, authentication patterns and privilege usage to detect anomalous behaviour and systemic risk.
• Provide clear, risk-focused reporting and recommendations to senior management, supporting informed decision-making and prioritisation of remediation efforts.
• Provide authoritative identity security input into projects, architectural design reviews and technology implementations.
• Ensure new systems, integrations and application deployments align with enterprise authentication, authorisation and lifecycle standards.
• Maintain and continuously improve secure configuration baselines across identity infrastructure, including both cloud and on-premise environments.
• Lead optimisation and hardening of enterprise IdAM platforms, including privileged access controls, identity governance and directory security.
• Oversee access governance activities, including periodic access reviews, privilege rationalisation and enforcement of least-privilege principles.
• Identify and remediate systemic identity risk through conditional access enforcement, legacy protocol reduction, authentication strengthening and directory security enhancement.
• Produce and maintain high-quality documentation, including standards, procedures, runbooks and post-incident reports.
• Provide identity risk metrics and performance insight to support operational planning and strategic decision-making.
• Provide senior technical guidance and mentorship to analysts, engineers and apprentices, building identity security capability within the team.
• Act as a trusted advisor on identity and access matters across the business, balancing security requirements with operational practicality.
• Provide considered, proportionate guidance where security deviations are identified, ensuring remediation without unnecessary disruption.
• Promote a culture of shared accountability for identity security, strengthening collaboration between technical and business stakeholders.

Essential areas of expertise include:

• Advanced working knowledge of enterprise security tooling, including PAM, IAG, SIEM, EDR, and NDR platforms.
• Advanced working knowledge of enterprise IdPs such as AD and Entra ID.
• Proven ability to mentor, coach and uplift junior security professionals and apprentices.
• Extensive experience analysing, investigating and responding to security events within cloud environments.
• Extensive experience analysing and responding to threats within on-premise infrastructure.
• Demonstrated commitment to continuous improvement of security posture.
• Highly developed written communication skills.
• Strong verbal communication skills.
• Ability to operate effectively across multi-disciplinary teams.
• Comprehensive knowledge of security protocols, authentication mechanisms, cryptographic standards and modern access control technologies.
• Strong understanding of adversary tactics, techniques and procedures (TTPs).

What you’ll receive:

• A combined pension contribution of up to 20%.
• Career progression and professional development opportunities.
• 25 days' holiday rising to 28 with length of service.
• The opportunity to sell up to five days of holiday every year.
• The opportunity to buy up to ten days of holiday each year (subject to conditions).
• A healthcare package that allows you to claim back healthcare costs.
• Life assurance of up to eight times your salary.
• The opportunity to lease a new electric car through salary sacrifice (subject to conditions).
• Cashback and discounts from more than 3,000 retailers.
• One paid volunteering day each year.
• Enhanced family leave and pay arrangements.
• Access to an interactive health and wellbeing platform.
• Support from trained mental health first aiders.
• A £1,000 referral fee if you recommend someone who is successfully recruited by us.

We are passionate about diversity and inclusion – with that in mind, all applicants are welcome. We are delighted to have signed the Armed Forces Covenant and are a Disability Confident Employer.