IAM Architect - Infrastructure & Access Management
Precise PlacementsArchitect: Infrastructure & Access Management
The Opportunity
Our client is a leading international law firm, recognised for representing the world's major corporations, funds, and financial institutions in their most complex transactions and disputes. We are looking for a talented and experienced Architect: Infrastructure & Access Management to join the firms IT department in London.
This is a high-impact role at the heart of our global security and identity strategy, offering the chance to shape architecture at enterprise scale while collaborating with top-tier colleagues across regions.
What You'll Do
You will lead the design and evolution of our Identity and Access Management (IAM) architecture across a complex, global environment. Key responsibilities include:
- Developing and maintaining IAM architecture covering identity lifecycle, access governance, and privileged access controls
- Designing secure authentication and authorisation patterns (OpenID Connect, SAML, OAuth, Kerberos, LDAP) and Conditional Access policies aligned with Microsoft best practices
- Embedding zero trust and least privilege principles across all privileged roles and enterprise applications
- Owning global firewall design and architecture
- Architecting and enhancing Privileged Access Management (PAM) capabilities, including approval workflows and continuous monitoring
- Championing Identity Threat Detection and Response (ITDR) solutions to proactively mitigate identity-based attacks
- Guiding the hardening of multi-site Active Directory domains/forests and cloud identity components (Entra/Azure AD)
- Collaborating with Security to design Azure Policies and guardrails supporting audit readiness (ISO 27001, ISO 22301)
- Integrating IAM with HR, IT, and engineering systems throughout the user lifecycle
- Staying ahead of emerging technologies including passwordless authentication, decentralised identity frameworks, and adaptive access controls
What We're Looking For
Qualifications & Experience
- Proven background in IAM/identity engineering or architecture within large enterprise environments
- Prior global or large-scale enterprise experience preferred
- Microsoft Certified: Identity and Access Administrator Associate
- CISSP or equivalent
- Azure Cybersecurity Expert or Certified Identity and Access Manager (CIAM)
Technical Skills
- Deep expertise in Microsoft identity and security across SaaS/PaaS, IAM, and Privileged Access domains
- Advanced knowledge of Entra ID/Azure AD and on-premises Active Directory
- Strong command of SSO and authentication protocols: OpenID Connect, SAML, OAuth, Kerberos, LDAP
- Hands-on experience with RBAC design, entitlement management, and automated provisioning pipelines
- Proficiency with PowerShell and RESTful integrations for identity automation
- Familiarity with NDR, Micro-Segmentation, and network topology as they relate to IAM
- Experience with Azure Policy, landing zone guardrails, and Conditional Access at scale
Opens the company's application page
Listed via
Reed
reed.co.uk
Similar roles

Senior 2nd Line Infrastructure Engineer
Appcast Enterprise

Senior Infrastructure Engineer
Nextech

Infrastructure Architect - London
Harvey Nash
Azure Cloud Engineer
Solutions Through Knowledge
Design & Tech
Related reads from TCHNX

The Quiet Revolution in Local-First Software
As major platforms face outages and data breaches, a new generation of developers is building applications that prioritise local data storage and peer-to-peer sync, challenging the cloud-first orthodoxy that's dominated tech for two decades.

The Quiet Revolution in Edge AI: Why Your Next Computer Might Not Need the Cloud
As neural processing units become standard in consumer devices, we're witnessing a fundamental shift in how AI applications work. Local processing is no longer a fallback; it's becoming the preferred architecture.

The Rise of AI-Assisted Code Generation 2: Are Developers Becoming Prompt Engineers?
As AI coding assistants reshape software development, the industry grapples with a fundamental question: is writing code giving way to writing prompts? We examine how London's tech scene is adapting to this seismic shift.