1,245 Identity jobs in the United Kingdom

**Job Description**



In our continuous journey of growth and innovation at Carnival UK, we are seeking an **Identity & Access Management Analyst** , to bring fresh insights and expertise to our Global Cyber Security (GCS) department in the UK.



This pivotal role will involve:


Provision and de-provision user access across multiple systems as part of the Joineru2013Moveru2013Leaver process.


Carry out regular user, supplier and privileged access reviews within audit timelines.


Ensure compliance with governance and regulatory standards (SOX, GDPR, PCI) and support audits.


Manage manual processes accurately, including working with spreadsheets and multiple access methods.



This role is positioned at CUK10 level within our organisation and is available on a fixed-term basis for an initial period of 6-months, with the potential of extension. We offer hybrid work including up to two days from home.



**Who We Are**



Carnival UK is a leading name in the holiday sector, dedicated to delivering unforgettable holiday happiness to our guests. Our success is built on a foundation of diverse talents and perspectives, and we believe in fostering an inclusive environment where everyone can thrive.



**What You'll Bring**



Your unique background and skills are what will make you stand out. We're looking for:


Strong Microsoft Excel skills for handling and validating data.


Good understanding of Identity & Access Management principles and processes.


Familiarity with Active Directory and application access administration.


Preferably some knowledge of SOX compliance framework.



**About You: The Ideal Candidate**



You are more than just your CV. You're someone who brings:


High attention to detail and accuracy to maintain compliance.


Strong sense of accountability and ability to meet deadlines.


Clear and proactive communication with stakeholders.


Continuous improvement mindset to streamline processes.



**Application Guidance**



Diversity is our strength, and we encourage applications from those with varied experiences, whether you meet every listed requirement or not. If youu2019re passionate about technology and looking for an opportunity to grow, weu2019d love to hear from you. Due to the popularity of our roles and our commitment to finding the best talent, we may close applications earlier than advertised. Donu2019t miss out on this opportunity to become part of a team dedicated to creating unforgettable holiday happiness. Apply today to start your journey with us.



**Why Join Us?**



Working with us means more than just a role in technology. Itu2019s about being part of a team that values well-being and personal growth. Hereu2019s what we offer:


Employee Discounted Cruising plus Friends and Family offers


Minimum 25 days leave, bank holiday allowance and holiday trading scheme


Recognition scheme with prizes and awards


Regular office events including live entertainment, lifestyle events and charity partner fundraisers


Extensive learning and development opportunities


Employee-led networks


Employee Assistance and Wellbeing programmes


Company paid Health Cash Plan and health assessment


In-house Occupational Health help and access to digital GP


Life Assurance


Parental and adoption leave


Employee Shares Plan


Electric Car and Cycle to Work schemes


Onsite restaurant offering range of healthy cooked and grab and go meals


Discounted retail and leisure via discounts portal


Contributory Defined Contribution Pension scheme


A friendly welcome with help settling in



**Recruitment Journey**



For more information on your recruitment journey, please visit .



**_#LI-Hybrid_**



_#CUK_



_#Job Functions: Administrative; Information Technology_



_#LI-BA1_



**About Us**



Holidays are one of lifeu2019s greatest pleasures. Having the chance to relax, escape and explore is a magical thing. And there is no better holiday than a cruise.



No one knows cruising like Carnival UK, where talented people from across the globe come together to create unforgettable holiday happiness. As part of the worldu2019s largest holiday travel and leisure company, we take enormous pride in bringing to life two of the most iconic brands from Britainu2019s rich seafaring heritage, P&O Cruises and Cunard. Collectively they have been delivering unbridled joy, boundless adventure and lifelong memories to millions of people for over 350 years. And in a multi-million pound global holiday market, where cruising has barely scratched the surface, we have the opportunity to do that for many, many more people.



Our diverse yet tight knit teams share high standards, heartfelt values and passion for our purpose. Our Culture Essentials describe the expectations we have for ourselves and of each other, in building a culture that supports safe, sustainable, compliant operations and celebrates diversity, equity and inclusion.



Itu2019s through the successful delivery of these extraordinary travel experiences for our target markets and our distinctive culture, that we hope to become Travelu2019s Employer of Choice.

**Job Description**
In our continuous journey of growth and innovation at Carnival UK, we are seeking an **Identity & Access Management Analyst** , to bring fresh insights and expertise to our Global Cyber Security (GCS) department in the UK.
This pivotal role will involve:
+ Provision and de-provision user access across multiple systems as part of the Joiner-Mover-Leaver process.
+ Carry out regular user, supplier and privileged access reviews within audit timelines.
+ Ensure compliance with governance and regulatory standards (SOX, GDPR, PCI) and support audits.
+ Manage manual processes accurately, including working with spreadsheets and multiple access methods.
This role is positioned at CUK10 level within our organisation and is available on a fixed-term basis for an initial period of 6-months, with the potential of extension. We offer hybrid work including up to two days from home.
**Who We Are**
Carnival UK is a leading name in the holiday sector, dedicated to delivering unforgettable holiday happiness to our guests. Our success is built on a foundation of diverse talents and perspectives, and we believe in fostering an inclusive environment where everyone can thrive.
**What You'll Bring**
Your unique background and skills are what will make you stand out. We're looking for:
+ Strong Microsoft Excel skills for handling and validating data.
+ Good understanding of Identity & Access Management principles and processes.
+ Familiarity with Active Directory and application access administration.
+ Preferably some knowledge of SOX compliance framework.
**About You: The Ideal Candidate**
You are more than just your CV. You're someone who brings:
+ High attention to detail and accuracy to maintain compliance.
+ Strong sense of accountability and ability to meet deadlines.
+ Clear and proactive communication with stakeholders.
+ Continuous improvement mindset to streamline processes.
**Application Guidance**
Diversity is our strength, and we encourage applications from those with varied experiences, whether you meet every listed requirement or not. If you're passionate about technology and looking for an opportunity to grow, we'd love to hear from you. Due to the popularity of our roles and our commitment to finding the best talent, we may close applications earlier than advertised. Don't miss out on this opportunity to become part of a team dedicated to creating unforgettable holiday happiness. Apply today to start your journey with us.
**Why Join Us?**
Working with us means more than just a role in technology. It's about being part of a team that values well-being and personal growth. Here's what we offer:
+ Employee Discounted Cruising plus Friends and Family offers
+ Minimum 25 days leave, bank holiday allowance and holiday trading scheme
+ Recognition scheme with prizes and awards
+ Regular office events including live entertainment, lifestyle events and charity partner fundraisers
+ Extensive learning and development opportunities
+ Employee-led networks
+ Employee Assistance and Wellbeing programmes
+ Company paid Health Cash Plan and health assessment
+ In-house Occupational Health help and access to digital GP
+ Life Assurance
+ Parental and adoption leave
+ Employee Shares Plan
+ Electric Car and Cycle to Work schemes
+ Onsite restaurant offering range of healthy cooked and grab and go meals
+ Discounted retail and leisure via discounts portal
+ Contributory Defined Contribution Pension scheme
+ A friendly welcome with help settling in
**Recruitment Journey**
For more information on your recruitment journey, please visit .
**_#LI-Hybrid_**
_#CUK_
_#Job Functions: Administrative; Information Technology_
_#LI-BA1_
**About Us**
Holidays are one of life's greatest pleasures. Having the chance to relax, escape and explore is a magical thing. And there is no better holiday than a cruise.
No one knows cruising like Carnival UK, where talented people from across the globe come together to create unforgettable holiday happiness. As part of the world's largest holiday travel and leisure company, we take enormous pride in bringing to life two of the most iconic brands from Britain's rich seafaring heritage, P&O Cruises and Cunard. Collectively they have been delivering unbridled joy, boundless adventure and lifelong memories to millions of people for over 350 years. And in a multi-million pound global holiday market, where cruising has barely scratched the surface, we have the opportunity to do that for many, many more people.
Our diverse yet tight knit teams share high standards, heartfelt values and passion for our purpose. Our Culture Essentials describe the expectations we have for ourselves and of each other, in building a culture that supports safe, sustainable, compliant operations and celebrates diversity, equity and inclusion.
It's through the successful delivery of these extraordinary travel experiences for our target markets and our distinctive culture, that we hope to become Travel's Employer of Choice.

Senior Identity & Access Management Engineer
Job Description:
Reporting to the Infrastructure Team Manager or Functional Director, the Senior Identity & Access Management Engineer is responsible for delivering and supporting high-quality services and systems that enable and empower our colleagues across the organisation. As a key technical contributor, the Senior IAM Engineer plays an important role in designing, implementing, and maintaining identity and infrastructure solutions through strong collaboration within the team and across Sage.
You will work as part of a supportive and experienced team, where you'll receive the coaching and development needed to succeed in your role, while also contributing your expertise to mentor junior team members and share best practices. You will support the delivery of projects and continuous improvement initiatives, working closely with peers and stakeholders to ensure high standards of quality, reliability, and performance.
You will work closely with the Principal Identity Engineer to help define and deliver our strategy and Roadmap. Supporting his technical vision with your extensive experience.
*** Please note this is a hybrid role - you will work 3 days a week from our Newcastle office. ***
Key Responsibilities:
Key Responsibilities include:
o Delivery and maintenance of robust technical solutions, including the configuration and management of both on-premise and cloud-based systems such as Entra ID, Active Directory, and supporting services like Multi-Factor Authentication, Conditional Access, Public Key Infrastructure, and DNS.
o Use of scripting and automation tools, particularly PowerShell, to streamline identity and access management operations and develop efficient, repeatable workflows
o Contributing to all phases of project delivery, including technical design, implementation, configuration, and documentation, while collaborating with technical leads and stakeholders throughout the lifecycle.
o Appling security best practices to identity and access management, including security hardening, privileged access controls, and audit measures, helping to ensure systems are secure and compliant.
o Collaborating effectively with cross-functional teams, aligning identity solutions with business and security requirements. Communicate clearly with both technical and non-technical stakeholders to ensure shared understanding and alignment.
o Commitment to staying updated on industry trends, emerging technologies and advancements in cloud identity and access management. Proactive in seeking out professional development opportunities.
o Being curious with a growth mindset and a proven ability to troubleshoot and resolve complex issues with experience in root cause analysis and the development of preventive measures to enhance system reliability.
o Supporting adoption of new technologies and tools, assisting with evaluations and sharing insights with the wider team to drive innovation and continuous improvement.
Requirements:
o Extensive experience with Active Directory and Entra ID, specifically areas like Conditional Access / Identity Protection / MFA / Domain Controllers / DNS / DHCP.
o Knowledge of Securing Identity Platforms such as Privileged Identity Management (PIM) and Role-based Access Control (RBAC).
o Familiarity with security tools and practices such as, Entra ID Governance, Defender for Identity, Microsoft Sentinel, Group Policy hardening, and Secure LDAP.
o Knowledge of Azure Security Centre features related to identity security.
o Proficiency in implementing and managing Entra ID B2B for external user collaboration.
o Experience with Entra Connect for integrating on-premise Active Directory with Entra ID.
o Proficiency in scripting languages such as PowerShell for automating Entra ID tasks and configurations.
o Experience with Infrastructure as Code (IaC) tools for managing Azure resources.
o Knowledge of Entra ID Graph API and Microsoft Graph API for programmatically managing Entra ID resources.
o Understanding of DNS principles, design and configuration.
o Integration of DNS services with Active Directory and Entra ID for name resolution and identity verification.
o Experience with implementing and managing Public Key Infrastructure (PKI) solutions.
o Knowledge of digital certificate management, including issuance, renewal, and revocation processes.
#LI-JM2
Function:
IT
Country:
United Kingdom
Office Location:
Newcastle
Work Place type:
Hybrid
Advert
Working at Sage means you're supporting millions of small and medium sized businesses globally with technology to work faster and smarter. We leverage the future of AI, meaning business owners spend less time doing routine tasks, like entering invoices and generating reports, and more time pursuing their ambitions.
Our colleagues are the best of the best. It's why we were awarded 2024 Best Places to Work by Glassdoor. Because to achieve extraordinary outcomes, we need extraordinary teams. This means infusing Sage with people who knock down barriers, continuously innovate, and want to experience their potential.
Learn more about working at Sage:sage.com/en-gb/company/careers/working-at-sage/
Watch a video about our culture:youtube.com/watch?v=qIoiCpZH-QE
We celebrate individuality and welcome you to join us if you embrace all backgrounds, identities, beliefs, and ways of working. If you need support applying, reach out
Learn more about DEI at Sage:sage.com/en-gb/company/careers/diversity-equity-and-inclusion/
Equal Employment Opportunity (EEO)
Sage is committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities.
In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Sage will be based on merit, qualifications, and abilities. Sage does not discriminate in employment opportunities or practices on the basis of race, color, religion, sex, national origin, age, protected disability, veteran status, sexual orientation, gender identity, genetic information, or any other characteristic protected by applicable law.

**Do you want your voice heard and your actions to count?**



Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the worldu2019s leading financial groups. Across the globe, weu2019re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.



With a vision to be the worldu2019s most trusted financial group, itu2019s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.



Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.



Corporate Technology is responsible for the operation, development and support of all applications across all areas of the business. Corporate Technology ensures IT strategy, architecture and solutions are aligned to business requirements. This role reports to the CISO and is part of the Risk, Security and Control (RSC) team. RSC are collectively responsible for ensuring IT Security and Risk is managed through Identity and Access Management and Cyber Security. Additionally, RSC ensures all risks are recorded and where possible mitigated and IT controls, procedures and policies are implemented successfully.



**NUMBER OF DIRECT REPORTS**



3 direct u2013 Full Team size of 30



**MAIN PURPOSE OF THE ROLE**



An exciting opportunity is available to join this group for a senior experienced leader with a technical background in identity, PAM and Access Management. They will lead the team and provide the technical capability to support the creation of a strategic direction for IAM. This will include the tool set choices, supporting and maintaining the overall service health, managing vendors and ensuring the direction taken aligns with the overall strategic objectives of the organisation.



The team handles day to day management of all Authentication, Privileged Access Management and Access Management needs of the business achieved by the following tools: Active Directory on premise, Entra ID for Cloud, CyberArk and RSA IG&L. There will need to be close co-ordination with the RSC and Infrastructure Teams. All technical documentation and platform standards must be kept up to date and technical direction and strategy must be developed and enhanced as required.



The successful candidate will be a very experienced leader and must familiarise themselves with the processes and procedures of the Bank quickly to be able to support and oversee the day to day platform and operational management. They must also provide the team with coaching and mentoring on best practice in the disciplines they are responsible for. Candidates will be expected to articulate complex technical matters in plain English to earn the support of senior management stakeholders and those technically less experienced. The role requires an excellent team player; a self-starter with a motivation and desire to seek out & deliver improvements and a drive to build the team and promote future platform opportunities for approval and funding. Experience of managing personnel both onshore and offshore is essential.



Candidates applying for this role must be able to demonstrate senior leadership and management skills, with around 10 years of experience, have an in-depth knowledge of Identity Management, Privileged Account Management technologies through either a Systems Engineer qualification or proven experience working in these specialities. Candidates should also be able to demonstrate practical experience and insight gained through similar roles including in-depth troubleshooting and team leadership skills.



**KEY RESPONSIBILITIES**



1. Provide strong and experienced leadership.



2. Govern and advise on technical direction for Authentication, PAM and Access Management, especially through technical workshops and 1:1 coaching sessions, to ensure alignment to business strategy.



3. Creation and maintenance of technical guides to convey facts simply and effectively to both peers and those less experienced.



4. Daily management and maintenance of the Authentication, PAM and Access Management platforms, ensuring service availability; health and performance monitoring & alerting and the maintenance of operational & technical documentation.



5. Balance technical fact / opinion against business risk / delivered service to provide well thought through guidance to support technical staff with incident; problem investigation and project decisions.



6. Proactively initiate investigations for improvements for standard operating processes and procedures, utilising the current owned / licensed tools available, to evidence and escalate issues to the management team. Candidate should be comfortable in communicating with all levels of the management hierarchy.



7. Produce and interpret service performance and security data to provide analysis for investigations; baseline performance and trend reports for management to highlight areas of focus / improvement and on-going change.



8. Play a leading role in documenting, presenting and using direct communication to map software lifecycle, create work breakdown structures (WBS) and the appropriate supporting documentation to ensure that the software remains current and supportable without disruption to the organisation.



9. Lead technical delivery, supporting the programme and project managers delivering specialist tasks to time and cost.



10. Work with the problem management function under the ITIL framework to investigate potential issues through to a timely resolution.



**WORK EXPERIENCE**



Apart from strong managerial experience, candidates must be able to demonstrate an advanced level of knowledge and experience in the following technical areas:


Microsoft Active Directory u2013 Advanced trouble-shooting and configuration
Microsoft Active Directory u2013 Experience of global 10,000+ user multi-Forest Environment
Entra ID u2013 Advanced troubleshooting and configuration
Entra ID u2013 management via Powershell modules and Graph API
CyberArk Privileged Access Management
DNS configuration and advanced troubleshooting
Group Policy Objects
Quest Change Auditor
Quest Forest Recovery Manager
Active Directory Certificate Services
Active Directory Federated Services
Azure AD Connect configuration
Azure AD Connect Connectors, sync rules and metaverse queries
Entra ID Conditional Access Policies
SSO implementation via SAML and OAUTH
Powershell script creation
Powershell Automation and centralised management
Multi-Factor Authentication configuration via MS Authenticator
User Lifecycle Management
Role Based Access Control
Access Management Systems (general)
RSA IG&L troubleshooting and configuration



**SKILLS AND EXPERIENCE**



**Functional / Technical Competencies:**



Essential


An experienced leader
To a certified level in around half of the work experience subjects above.



Preferred:


To a certified level in more than half of the work experience subjects above.



**Education / Qualifications:**



Essential


Degree or equivalent experience



**PERSONAL REQUIREMENTS**


Personal alignment to MUFG Values
Integrity & Responsibility
Professionalism & Teamwork
Challenge ourselves to grow


Personal alignment to EMEA Cultural Principles
Client Centric
People Focused
Listen Up, Speak Up
Innovate & Simplify
Own & Execute


Excellent communication skills
Results driven, with a strong sense of accountability
A proactive, motivated approach.
The ability to operate with urgency and prioritise work accordingly
Strong decision making skills, the ability to demonstrate sound judgement
A structured and logical approach to work
Strong problem solving skills
A creative and innovative approach to work
Excellent interpersonal skills
The ability to manage large workloads and tight deadlines
Excellent attention to detail and accuracy
A calm approach, with the ability to perform well in a pressurised environment
Strong numerical skills
Excellent Microsoft Office skills
A confident approach, with the ability to provide clear direction to your team
Excellent managerial/leadership experience
The ability to lead a high performing team
A strategic approach, with the ability to lead and motivate your team
The ability to articulate and implement the vision/strategy for the RSC department



We are open to considering flexible working requests in line with organisational requirements.



MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.



We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.



At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!



**Our Culture Principles**


Client Centric
People Focused
Listen Up. Speak Up.
Innovate & Simplify
Own & Execute

**Do you want your voice heard and your actions to count?**



Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the worldu2019s leading financial groups. Across the globe, weu2019re 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.



With a vision to be the worldu2019s most trusted financial group, itu2019s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.



Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.



Corporate Technology is responsible for the operation, development and support of all applications across all areas of the business. Corporate Technology ensures IT strategy, architecture and solutions are aligned to business requirements. This role reports to the CISO and is part of the Risk, Security and Control (RSC) team. RSC are collectively responsible for ensuring IT Security and Risk is managed through Identity and Access Management and Cyber Security. Additionally, RSC ensures all risks are recorded and where possible mitigated and IT controls, procedures and policies are implemented successfully.



**NUMBER OF DIRECT REPORTS**



3 direct u2013 Full Team size of 30



**MAIN PURPOSE OF THE ROLE**



An exciting opportunity is available to join this group for a senior experienced leader with a technical background in identity, PAM and Access Management. They will lead the team and provide the technical capability to support the creation of a strategic direction for IAM. This will include the tool set choices, supporting and maintaining the overall service health, managing vendors and ensuring the direction taken aligns with the overall strategic objectives of the organisation.



The team handles day to day management of all Authentication, Privileged Access Management and Access Management needs of the business achieved by the following tools: Active Directory on premise, Entra ID for Cloud, CyberArk and RSA IG&L. There will need to be close co-ordination with the RSC and Infrastructure Teams. All technical documentation and platform standards must be kept up to date and technical direction and strategy must be developed and enhanced as required.



The successful candidate will be a very experienced leader and must familiarise themselves with the processes and procedures of the Bank quickly to be able to support and oversee the day to day platform and operational management. They must also provide the team with coaching and mentoring on best practice in the disciplines they are responsible for. Candidates will be expected to articulate complex technical matters in plain English to earn the support of senior management stakeholders and those technically less experienced. The role requires an excellent team player; a self-starter with a motivation and desire to seek out & deliver improvements and a drive to build the team and promote future platform opportunities for approval and funding. Experience of managing personnel both onshore and offshore is essential.



Candidates applying for this role must be able to demonstrate senior leadership and management skills, with around 10 years of experience, have an in-depth knowledge of Identity Management, Privileged Account Management technologies through either a Systems Engineer qualification or proven experience working in these specialities. Candidates should also be able to demonstrate practical experience and insight gained through similar roles including in-depth troubleshooting and team leadership skills.



**KEY RESPONSIBILITIES**



1. Provide strong and experienced leadership.



2. Govern and advise on technical direction for Authentication, PAM and Access Management, especially through technical workshops and 1:1 coaching sessions, to ensure alignment to business strategy.



3. Creation and maintenance of technical guides to convey facts simply and effectively to both peers and those less experienced.



4. Daily management and maintenance of the Authentication, PAM and Access Management platforms, ensuring service availability; health and performance monitoring & alerting and the maintenance of operational & technical documentation.



5. Balance technical fact / opinion against business risk / delivered service to provide well thought through guidance to support technical staff with incident; problem investigation and project decisions.



6. Proactively initiate investigations for improvements for standard operating processes and procedures, utilising the current owned / licensed tools available, to evidence and escalate issues to the management team. Candidate should be comfortable in communicating with all levels of the management hierarchy.



7. Produce and interpret service performance and security data to provide analysis for investigations; baseline performance and trend reports for management to highlight areas of focus / improvement and on-going change.



8. Play a leading role in documenting, presenting and using direct communication to map software lifecycle, create work breakdown structures (WBS) and the appropriate supporting documentation to ensure that the software remains current and supportable without disruption to the organisation.



9. Lead technical delivery, supporting the programme and project managers delivering specialist tasks to time and cost.



10. Work with the problem management function under the ITIL framework to investigate potential issues through to a timely resolution.



**WORK EXPERIENCE**



Apart from strong managerial experience, candidates must be able to demonstrate an advanced level of knowledge and experience in the following technical areas:


Microsoft Active Directory u2013 Advanced trouble-shooting and configuration
Microsoft Active Directory u2013 Experience of global 10,000+ user multi-Forest Environment
Entra ID u2013 Advanced troubleshooting and configuration
Entra ID u2013 management via Powershell modules and Graph API
CyberArk Privileged Access Management
DNS configuration and advanced troubleshooting
Group Policy Objects
Quest Change Auditor
Quest Forest Recovery Manager
Active Directory Certificate Services
Active Directory Federated Services
Azure AD Connect configuration
Azure AD Connect Connectors, sync rules and metaverse queries
Entra ID Conditional Access Policies
SSO implementation via SAML and OAUTH
Powershell script creation
Powershell Automation and centralised management
Multi-Factor Authentication configuration via MS Authenticator
User Lifecycle Management
Role Based Access Control
Access Management Systems (general)
RSA IG&L troubleshooting and configuration



**SKILLS AND EXPERIENCE**



**Functional / Technical Competencies:**



Essential


An experienced leader
To a certified level in around half of the work experience subjects above.



Preferred:


To a certified level in more than half of the work experience subjects above.



**Education / Qualifications:**



Essential


Degree or equivalent experience



**PERSONAL REQUIREMENTS**


Personal alignment to MUFG Values
Integrity & Responsibility
Professionalism & Teamwork
Challenge ourselves to grow


Personal alignment to EMEA Cultural Principles
Client Centric
People Focused
Listen Up, Speak Up
Innovate & Simplify
Own & Execute


Excellent communication skills
Results driven, with a strong sense of accountability
A proactive, motivated approach.
The ability to operate with urgency and prioritise work accordingly
Strong decision making skills, the ability to demonstrate sound judgement
A structured and logical approach to work
Strong problem solving skills
A creative and innovative approach to work
Excellent interpersonal skills
The ability to manage large workloads and tight deadlines
Excellent attention to detail and accuracy
A calm approach, with the ability to perform well in a pressurised environment
Strong numerical skills
Excellent Microsoft Office skills
A confident approach, with the ability to provide clear direction to your team
Excellent managerial/leadership experience
The ability to lead a high performing team
A strategic approach, with the ability to lead and motivate your team
The ability to articulate and implement the vision/strategy for the RSC department



We are open to considering flexible working requests in line with organisational requirements.



MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.



We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.



At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!



**Our Culture Principles**


Client Centric
People Focused
Listen Up. Speak Up.
Innovate & Simplify
Own & Execute

**Do you want your voice heard and your actions to count?**
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world's leading financial groups. Across the globe, we're 120,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world's most trusted financial group, it's part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.
Corporate Technology is responsible for the operation, development and support of all applications across all areas of the business. Corporate Technology ensures IT strategy, architecture and solutions are aligned to business requirements. This role reports to the CISO and is part of the Risk, Security and Control (RSC) team. RSC are collectively responsible for ensuring IT Security and Risk is managed through Identity and Access Management and Cyber Security. Additionally, RSC ensures all risks are recorded and where possible mitigated and IT controls, procedures and policies are implemented successfully.
**NUMBER OF DIRECT REPORTS**
3 direct - Full Team size of 30
**MAIN PURPOSE OF THE ROLE**
An exciting opportunity is available to join this group for a senior experienced leader with a technical background in identity, PAM and Access Management. They will lead the team and provide the technical capability to support the creation of a strategic direction for IAM. This will include the tool set choices, supporting and maintaining the overall service health, managing vendors and ensuring the direction taken aligns with the overall strategic objectives of the organisation.
The team handles day to day management of all Authentication, Privileged Access Management and Access Management needs of the business achieved by the following tools: Active Directory on premise, Entra ID for Cloud, CyberArk and RSA IG&L. There will need to be close co-ordination with the RSC and Infrastructure Teams. All technical documentation and platform standards must be kept up to date and technical direction and strategy must be developed and enhanced as required.
The successful candidate will be a very experienced leader and must familiarise themselves with the processes and procedures of the Bank quickly to be able to support and oversee the day to day platform and operational management. They must also provide the team with coaching and mentoring on best practice in the disciplines they are responsible for. Candidates will be expected to articulate complex technical matters in plain English to earn the support of senior management stakeholders and those technically less experienced. The role requires an excellent team player; a self-starter with a motivation and desire to seek out & deliver improvements and a drive to build the team and promote future platform opportunities for approval and funding. Experience of managing personnel both onshore and offshore is essential.
Candidates applying for this role must be able to demonstrate senior leadership and management skills, with around 10 years of experience, have an in-depth knowledge of Identity Management, Privileged Account Management technologies through either a Systems Engineer qualification or proven experience working in these specialities. Candidates should also be able to demonstrate practical experience and insight gained through similar roles including in-depth troubleshooting and team leadership skills.
**KEY RESPONSIBILITIES**
1. Provide strong and experienced leadership.
2. Govern and advise on technical direction for Authentication, PAM and Access Management, especially through technical workshops and 1:1 coaching sessions, to ensure alignment to business strategy.
3. Creation and maintenance of technical guides to convey facts simply and effectively to both peers and those less experienced.
4. Daily management and maintenance of the Authentication, PAM and Access Management platforms, ensuring service availability; health and performance monitoring & alerting and the maintenance of operational & technical documentation.
5. Balance technical fact / opinion against business risk / delivered service to provide well thought through guidance to support technical staff with incident; problem investigation and project decisions.
6. Proactively initiate investigations for improvements for standard operating processes and procedures, utilising the current owned / licensed tools available, to evidence and escalate issues to the management team. Candidate should be comfortable in communicating with all levels of the management hierarchy.
7. Produce and interpret service performance and security data to provide analysis for investigations; baseline performance and trend reports for management to highlight areas of focus / improvement and on-going change.
8. Play a leading role in documenting, presenting and using direct communication to map software lifecycle, create work breakdown structures (WBS) and the appropriate supporting documentation to ensure that the software remains current and supportable without disruption to the organisation.
9. Lead technical delivery, supporting the programme and project managers delivering specialist tasks to time and cost.
10. Work with the problem management function under the ITIL framework to investigate potential issues through to a timely resolution.
**WORK EXPERIENCE**
Apart from strong managerial experience, candidates must be able to demonstrate an advanced level of knowledge and experience in the following technical areas:
+ Microsoft Active Directory - Advanced trouble-shooting and configuration
+ Microsoft Active Directory - Experience of global 10,000+ user multi-Forest Environment
+ Entra ID - Advanced troubleshooting and configuration
+ Entra ID - management via Powershell modules and Graph API
+ CyberArk Privileged Access Management
+ DNS configuration and advanced troubleshooting
+ Group Policy Objects
+ Quest Change Auditor
+ Quest Forest Recovery Manager
+ Active Directory Certificate Services
+ Active Directory Federated Services
+ Azure AD Connect configuration
+ Azure AD Connect Connectors, sync rules and metaverse queries
+ Entra ID Conditional Access Policies
+ SSO implementation via SAML and OAUTH
+ Powershell script creation
+ Powershell Automation and centralised management
+ Multi-Factor Authentication configuration via MS Authenticator
+ User Lifecycle Management
+ Role Based Access Control
+ Access Management Systems (general)
+ RSA IG&L troubleshooting and configuration
**SKILLS AND EXPERIENCE**
**Functional / Technical Competencies:**
Essential
+ An experienced leader
+ To a certified level in around half of the work experience subjects above.
Preferred:
+ To a certified level in more than half of the work experience subjects above.
**Education / Qualifications:**
Essential
+ Degree or equivalent experience
**PERSONAL REQUIREMENTS**
+ Personal alignment to MUFG Values
+ Integrity & Responsibility
+ Professionalism & Teamwork
+ Challenge ourselves to grow
+ Personal alignment to EMEA Cultural Principles
+ Client Centric
+ People Focused
+ Listen Up, Speak Up
+ Innovate & Simplify
+ Own & Execute
+ Excellent communication skills
+ Results driven, with a strong sense of accountability
+ A proactive, motivated approach.
+ The ability to operate with urgency and prioritise work accordingly
+ Strong decision making skills, the ability to demonstrate sound judgement
+ A structured and logical approach to work
+ Strong problem solving skills
+ A creative and innovative approach to work
+ Excellent interpersonal skills
+ The ability to manage large workloads and tight deadlines
+ Excellent attention to detail and accuracy
+ A calm approach, with the ability to perform well in a pressurised environment
+ Strong numerical skills
+ Excellent Microsoft Office skills
+ A confident approach, with the ability to provide clear direction to your team
+ Excellent managerial/leadership experience
+ The ability to lead a high performing team
+ A strategic approach, with the ability to lead and motivate your team
+ The ability to articulate and implement the vision/strategy for the RSC department
We are open to considering flexible working requests in line with organisational requirements.
MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.
We make our recruitment decisions in a non-discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.
At MUFG, our colleagues are our greatest assets. Our Culture Principles provide a roadmap for how each of our colleagues must think and act to become more client-obsessed, inclusive and innovative. They reflect who we are, who we want to be and what we expect from one another. We are excited to see you take the next step in exploring a career with us and encourage you to spend more time reviewing them!
**Our Culture Principles**
+ Client Centric
+ People Focused
+ Listen Up. Speak Up.
+ Innovate & Simplify
+ Own & Execute

**Summary:**
Meta's security team is the central engine driving data and systems security at the company, supporting Meta and all of its family of apps. The org is responsible for inhibiting malicious actors from compromising our environment, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be experienced in collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems, cover broad aspects of information security, and identify deficiencies in the access management space. This role specifically needs conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions. Some travel may be required.
**Required Skills:**
Security Engineer, Identity and Access Management (IAM) Responsibilities:
1. Design and implement systems that enhance the security of Meta's Identity & Access Management Systems
2. Build and maintain tools that improve the Identity and Access Management posture at Meta
3. Conduct design and code reviews Analyze and improve efficiency, scalability, and stability for assigned product area and/or systems
4. Identify and drive changes as needed for assigned codebase, product area and/or systems
5. Interface with other teams to incorporate their innovations and vice versa
6. Articulate security findings to internal to a variety of stakeholders, including both technical and non-technical stakeholders
7. Provide defensible recommendations on technical, physical and administrative control implementations based on findings while balancing the cost versus benefits
8. Participate in the development and oversight of corrective actions relating to security issues
9. Participate in cross-functional, team, and status review meetings
10. Recommend process improvement and strategic initiatives as related to security
**Minimum Qualifications:**
Minimum Qualifications:
11. 2+ years of experience in developing custom scripts in Python/C++ and PHP/Hack
12. MS or PhD (or equivalent) in Computer Science or related field
13. 3+ years of experience in software development experience
14. Experience building large-scale distributed systems or similar experience
15. Experience in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls
16. Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations
17. Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences
18. Experienced in managing competing priorities and simultaneous projects in a fast paced environment with little supervision
19. Demonstrated experience in communication skills - both writing and speaking, interpersonal skills, and experienced in working cross-functionally with various teams
**Preferred Qualifications:**
Preferred Qualifications:
20. Practical experience of analytical and problem-solving skills, including a basic understanding of data analysis techniques
21. Data pipeline
22. Machine Learning (AI)
**Industry:** Internet

**Summary:**
Meta's security team is the central engine driving data and systems security at the company, supporting Meta and all of its family of apps. The security organization is responsible for inhibiting malicious actors from compromising our environment, preventing, detecting and responding to them before they do damage if they do, ensuring we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.The Security Engineer should have prior experience with security policy, risk, and access management disciplines and be experienced in collaborating with cross-functional teams. This position will be responsible for identifying and enforcing solutions to control access to internal systems. An ideal candidate is someone that has technical knowledge of the broad aspects of information security, and is able to identify deficiencies in the access management space. This role specifically needs conceptual understanding of the IAM concepts that can be applied to our internal IAM solutions. This role requires a broad mix of security, technical, coding and communication skills coupled with a desire to learn.
**Required Skills:**
Security Engineer, Identity and Access Management (IAM) Responsibilities:
1. Directly contribute to experiments, including designing experimental details, authoring reusable code, running evaluations, and organizing results
2. Contribute to publications and open-sourcing efforts
3. Work with a large team
4. Prioritize research that can be applied to Meta's product development
5. Mentor other team members. Play a significant role in healthy cross-functional collaboration
**Minimum Qualifications:**
Minimum Qualifications:
6. Experience in building products in Python/C++/ PHP/Hacklang/React technologies
7. Bachelors degree in Computer Science related field, or equivalent experience
8. Experience building large-scale distributed systems or similar experience
9. 10+ years of software development experience
10. Experience in assessing security deficiencies in first-party/internal information systems and recommending mitigating controls
11. 3+ years of proven experience working on Information Security teams or conducting Information Security consulting engagements
12. Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly in context of access management in different geographical locations
13. Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences
14. Skills to manage competing priorities and simultaneous projects in a time-sensitive and productive environment with little supervision
15. Experience in communicating effectively with a broad range of stakeholders, collaborators and clients, at different levels
**Preferred Qualifications:**
Preferred Qualifications:
16. Highly experience in analytical and problem-solving skills, including a basic understanding of data analysis techniques
17. Good grasp of SOX, SOC2, NIST, PCI, ISO, and other security regulations
18. Experience in the IAM domain in a cloud based infrastructure environment
19. Program and project management skills
**Industry:** Internet