Head of Identity Access Governance

Head of Identity & Access Governance (IAG)

Location: London - Hybrid - 3 days on site

Department: BISO Office

Reports to: BISO

Type: Full - Time, Permanent

SPONSORSHIP UNAVAILABLE

Role Summary:

The Head of Identity & Access Governance is a senior strategic leader responsible for defining and executing the global Identity Security and Zero Trust roadmap across a complex international organisation. This role leads enterprise-wide governance of digital identities, access models, controls, and technologies, ensuring secure-by-design access for employees, partners, and systems across multiple regions.

The ideal candidate combines deep expertise in Identity Governance, Zero Trust architectures, Active Directory / Entra ID, and identity transformation with strong leadership, stakeholder influence, and operating-model experience.

Key Responsibilities

1. Strategic Leadership & Roadmap Ownership

• Develop and own the global Identity & Access Governance strategy, aligned to business objectives and the enterprise cyber roadmap.
• Lead the design, implementation, and continuous improvement of the organisation's Zero Trust security model, including identity as the new perimeter.
• Define the multi - year roadmap covering identity governance, PAM, role engineering, directory services, automation, and identity analytics.

2. Identity Governance Oversight

• Set enterprise-wide policies, standards, and controls governing user access, privileged access, and system entitlements.
• Ensure consistent governance across all regions and business units, including federated environments and third - party access.
• Oversee Joiner-Mover-Leaver (JML) lifecycle automation and risk - based access models.

3. Technology Leadership (AD, Entra ID & IAM Platforms)

• Own the strategy and governance model for Active Directory (AD), Entra ID (Azure AD), and domain services across the enterprise.
• Lead or advise on major technical initiatives such as consolidations, domain modernisation, AD hardening, conditional access, and authentication standards.
• Oversee selection, architecture, and operation of IAG and PAM tools - OKTA

4. Zero Trust & Access Transformation

• Champion a holistic Zero Trust vision covering identity, device, network, application, and data security.
• Define principles such as least privilege, continuous validation, segmentation, and risk - adaptive access.
• Drive adoption across business functions, technology teams, and geographic regions.

5. Governance, Compliance & Risk Management

• Ensure identity processes comply with global standards and regulations (ISO 27001, NIST, SOX, GDPR, industry - specific controls).
• Lead IAG risk assessments, audit readiness, control testing, and remediation activities.
• Provide executive reporting on identity risk posture, programme maturity, and KPIs.

6. People Leadership & Operating Model

• Lead and grow a global Identity Governance team responsible for strategy, governance, engineering, and operations.
• Build effective partnership models with IT Operations, Cloud Engineering, Security Architecture, HR, and Global Business Units.
• Establish a federated identity operating model with clear accountability and measurement.

7. Innovation & Continuous Improvement

• Evaluate emerging technologies
• Drive automation to streamline access provisioning, certifications, and privileged access processes.
• Promote a culture of secure digital identity and user - centric access experience.

Skills, Experience & Qualifications

Essential

• 10+ years' experience in Identity & Access Management, with at least 5 years in strategic or leadership roles.
• Proven experience managing identity services across global, multi-region, multi-forest environments.
• Deep understanding of Active Directory, Entra ID, authentication protocols, and directory security.
• Demonstrable ownership of Zero Trust strategy implementation at enterprise scale.
• Strong background in IAG technologies.
• Experience with Privileged Access Management (CyberArk, BeyondTrust, etc.).
• Excellent stakeholder management and communication skills across senior business and technical audiences.

Key Competencies

• Strategic vision with the ability to execute at scale.
• Strong leadership and cross - functional influence.
• Technical authority in identity and directory services.
• Risk - driven decision-making.
• Excellent communication and executive presentation skills.
• Ability to operate within a complex, global matrix organisation.

#4783663 - James

• 10+ years' experience in Identity & Access Management, with at least 5 years in strategic or leadership roles.
• Proven experience managing identity services across global, multi-region, multi-forest environments.
• Deep understanding of Active Directory, Entra ID, authentication protocols, and directory security.
• Demonstrable ownership of Zero Trust strategy implementation at enterprise scale.
• Strong background in IAG technologies.
• Experience with Privileged Access Management (CyberArk, BeyondTrust, etc.).
• Excellent stakeholder management and communication skills across senior business and technical audiences.

Key Competencies

• Strategic vision with the ability to execute at scale.
• Strong leadership and cross - functional influence.
• Technical authority in identity and directory services.
• Risk - driven decision-making.
• Excellent communication and executive presentation skills.
• Ability to operate within a complex, global matrix organisation.