IDENTITY & ACCESS MANAGEMENT SENIOR ENGINEER

The Identity & Access Management (IAM) Senior Engineer is responsible for delivering secure, scalable, and efficient identity services across the organisation. This role will lead initiatives to strengthen authentication, authorisation, and identity governance, collaborating with security, infrastructure, and application teams to deliver seamless and secure access for employees, partners, and customers.

Administration & Maintenance:

• Oversee the administration, maintenance, and monitoring of identity platforms including Microsoft Entra ID, Active Directory, MFA, SSO configurations, and connected identity services.
• Influence and implement workflows for user provisioning, de-provisioning, and access management, working alongside people teams to ensure effective lifecycle management for employee and guest accounts.
• Define and maintain documentation, standard procedures, and configuration baselines to ensure consistency and operational maturity.

Security & Compliance:

• Ensure identity platforms meet organisational security and regulatory requirements by leading audits, access reviews, risk assessments, and compliance activities.
• Support and enforce privileged access controls, including PIM role activation workflows, in accordance with organizational security controls

Design & Implementation

• Design and enhance IAM solutions, including Microsoft Entra ID, Active Directory, SSO, MFA, and Privileged Access Management, ensuring they are secure, scalable, and aligned to organisational strategy.
• Translate business and security requirements into technical designs and implementation plans, defining methods and procedures for new assignments where no precedent exists.
• Lead IAM design workstreams within cross-functional projects, providing expert guidance to engineers, security specialists, and architects.

Support & Troubleshooting:

• Act as a senior technical escalation point for complex identity incidents.
• Collaborate with the Service Desk and wider Technology teams to improve support processes, reduce repeat issues, and improve overall user experience.
• Define processes and technical documentation standards to support operational continuity.

Adoption & Optimisation

• Identify opportunities for automation and optimisation across IAM processes, especially around provisioning, access governance, and compliance activities.
• Influence the adoption of secure identity practices across teams by shaping policies, standards, and patterns.
• Lead continuous improvement initiatives across IAM operations, leveraging automation, standardisation, and data-driven insights.

Do you have experience in Scripting?, * Demonstrable experience managing and maintaining identity and access systems in an enterprise environment.

• 5+ years in IAM engineering roles, with hands-on experience with Entra ID, Active Directory, Enterprise Applications and security controls.
• Experience with identity lifecycle operations such as provisioning, de-provisioning, access reviews, and directory synchronisation.
• Strong knowledge of Zero Trust principles, Conditional Access design, and secure authentication practices.
• Proficiency in scripting for automation, reporting and configuration tasks.
• Excellent problem-solving skills and ability to work collaboratively across teams.
• Familiarity with ITIL service management practices, incident management, change control, and structured support processes.

Microsoft Certified:

• Identity & Access Administrator (or equivalent experience).
• ITIL Foundation certification (desirable).

Competencies

• Technical Expertise: Deep understanding of IAM technologies, protocols, and security frameworks.
• Problem-Solving: Demonstrates strong analytical skills to identify, diagnose, and resolve technical issues in a timely manner.
• Security Awareness: Maintains a solid understanding of security best practices and applies them consistently to protect systems, data, and users.
• Communication: Communicates clearly and effectively, both verbally and in writing, to ensure effective collaboration with team members and stakeholders.
• Collaboration: Ability to work effectively as part of a team, openly sharing knowledge and contributing to collective problem-solving.
• Adaptability: Remains flexible and responsive, adjusting to evolving technologies, priorities, and business needs in a fast-paced environment

• 'Enjoy the Ride' Merlin Annual Passes - 6 in total per year, 1 for you, plus 5 to gift to loved ones!
• Merlin Magic Pass - 20 free tickets for you, your family and friends to enjoy all our Merlin Attractions across the world rising to 40 after a year's service
• 33 days holiday (including bank holidays)
• Company bonus
• Private pension scheme
• 40% discount online off LEGO
• 25% discount in our on-site retail shops and restaurants
• Ongoing training and development opportunities
• Plus, many more…