IAM Specialist

• Implement and configure the IGA platform (SailPoint, Saviynt, Omada, or similar) to meet requirements
• Integrate the IGA solution with Microsoft Entra ID as the primary Identity Provider
• Connect authoritative sources (HR systems, contractor databases) to drive identity lifecycle
• Design and implement joiner-mover-leaver (JML) processes with automated provisioning and deprovisioning
• Build and configure approval workflows for access requests, role assignments, and exceptions
• Implement access certification campaigns and recertification processes
• Develop role mining and role-based access control (RBAC) models in collaboration with business owners
• Configure application connectors for target systems (AD, Entra ID, SaaS applications, on-prem systems)
• Implement segregation of duties (SoD) policies and access risk analytics
• Configure SSO and federation services using SAML, OAuth 2.0, OpenID Connect, and SCIM
• Support identity data quality management and remediation activities
• Troubleshoot provisioning failures, synchronisation issues, and connector errors
• Collaborate with application owners during onboarding to define access models and entitlements
• Maintain documentation of IGA configurations, workflows, and integration specifications
• Support audit and compliance activities with reporting and evidence gathering

• Hands-on experience implementing IGA platforms (SailPoint, Saviynt, Omada, One Identity, or similar)
• Proven experience integrating IGA with Microsoft Entra ID/Azure AD
• Experience connecting authoritative sources (HR systems, databases) to IGA platforms
• Strong understanding of identity lifecycle management and JML process automation
• Experience building approval workflows and access request processes
• Knowledge of access certification, recertification, and attestation campaigns
• Understanding of RBAC modelling, role mining, and entitlement management
• Experience with application connector development and configuration
• Strong understanding of authentication protocols (SAML, OAuth 2.0, OpenID Connect, SCIM)
• Knowledge of directory services (Active Directory, LDAP) and hybrid identity
• Working knowledge of security frameworks: ISO 27001, NIST CSF
• Strong troubleshooting skills for provisioning and synchronisation issues
• Good documentation skills for technical configurations and runbooks

Desirable:

• Degree in Information Security, Computer Science, or related STEM field
• Vendor certifications in IGA platforms (SailPoint, Saviynt, Omada)
• Microsoft certification: SC-300 (Identity and Access Administrator)
• Experience with segregation of duties (SoD) policies and access risk analytics
• Scripting skills (PowerShell, Python) for automation and connector development
• Experience with API integration and web services
• Familiarity with ITSM workflows and change control procedures
• Experience in public sector or critical national infrastructure environments