Identity and Access Management (IAM) Specialist

Role: IAM Specialist (Identity Governance & Administration)

Location: Culham - 2-3 days per week on site, remainder remote

Duration: Until 18/12/2026 (possible extension)

Day Rate: Approx. £50-55/hour (Umbrella)

IR35: In scope

Sector: Cyber / Public Sector

Clearance: BPSS (eligible for SC)

Our client's mission is to deliver highly secure, scalable and innovative digital solutions to support critical national work. The IAM Specialist will sit within the cyber security team and will be directly responsible for the technical implementation and configuration of a new IGA platform.

What you will be doing

• Implement and configure an enterprise IGA platform (SailPoint, Saviynt, Omada, One Identity or similar) from a hands-on, technical standpoint.
• Integrate the IGA solution with Microsoft Entra ID / Azure AD as the primary Identity Provider.
• Connect authoritative sources (HR systems, contractor databases, directories) to underpin identity lifecycle management.
• Design and build automated Joiner-Mover-Leaver (JML) processes for provisioning and deprovisioning.
• Create and optimise approval workflows and access request processes, including exceptions.
• Set up and manage access certification / recertification campaigns and attestation activities.
• Develop and refine RBAC models, including role mining and entitlement management.
• Configure application connectors for AD, Entra ID, SaaS and on-prem systems.
• Implement segregation of duties (SoD) policies and access risk analytics.
• Configure SSO and federation using SAML, OAuth 2.0, OpenID Connect and SCIM.
• Troubleshoot provisioning and synchronisation issues and support data quality remediation.
• Produce clear technical documentation, runbooks and configuration specifications.
• Support audit and compliance reporting against frameworks such as ISO 27001 and NIST CSF.

What they are looking for

• Strong, hands-on IGA implementation experience (SailPoint, Saviynt, Omada, One Identity, or similar).
• Proven track record integrating IGA with Microsoft Entra ID / Azure AD and directory services (AD, LDAP, hybrid identity).
• Deep understanding of identity lifecycle management and automated JML workflows.
• Experience building approval workflows, access request processes and certification campaigns.
• Solid knowledge of authentication and authorisation standards: SAML, OAuth 2.0, OpenID Connect, SCIM.
• Good troubleshooting skills around provisioning, synchronisation and connector configuration.
• Comfortable documenting configurations and creating runbooks.

Nice to have

• Degree in Information Security, Computer Science or related STEM field.
• Vendor certifications in IGA (e.g. SailPoint, Saviynt, Omada) and/or Microsoft SC-300.
• Scripting skills (PowerShell, Python) for automation and connector development.
• Experience with API integrations, web services and ITSM / change control processes.
• Background in public sector or critical national infrastructure environments.

Why this role could interest you

• Long-term stability: Contract running until December 2026, offering continuity and depth of involvement.
• Impactful work: You will be shaping the core identity governance capability for a high-profile, security-focused organisation.
• Hands-on technical focus: This is not a high-level advisory role - you will actually build, configure and optimise the platform.
• Collaborative environment: Work closely with cyber, HR, IT operations and application owners to design pragmatic access models.