IAM Engineer – PAM & PKI

Company: Universal Music Group
Apply for the IAM Engineer – PAM & PKI
Location: London
Job Description:

Music is Universal

It’s the passionate and dedicated team at Universal Music who help make us the world’s leading music company. From A&R to finance, legal to digital, sales to marketing, Universal Music is the place to grow and develop your career within a truly commercial and innovative business that leads in everything it does.

Everyone is welcome to apply for our roles, and we are determined to ensure that no applicant or employee receives less favourable treatment because of gender, race, disability, sexual orientation, religion, belief, age, marital status, background, pregnancy, or caring responsibilities. We also recognise the importance of diversity of thought within our teams and are fully committed to embracing the talents of people with autism, dyslexia, ADHD, and other forms of neurocognitive variation.

We will always seek to make appropriate adjustments to recruitment, workplaces, and work processes to be fully inclusive to people with different needs and working styles. If you need us to make any reasonable adjustments for you from application onwards, including alternatives to the online form or to disclose a neurocognitive condition, please email UniversalMusicCareers@umusic.com.

Job Summary

We are currently seeking an Identity & Access Management Engineer with deep specialization in Privileged Access Management (PAM) and Public Key Infrastructure (PKI) to join UMG’s global Tech Security & Identity organization. Reporting to the VP, Tech Security & Identity, this role is a hands‑on engineering position focused on designing, implementing, and operating enterprise‑grade PAM and PKI capabilities across a complex, global environment.

This engineer will play a critical role in securing privileged identities, service accounts, machine identities, and cryptographic trust across on-premises and cloud platforms. The position emphasizes technical execution, automation, and operational excellence, partnering closely with infrastructure, security, and application teams to reduce risk, improve resilience, and scale identity security services. The ideal candidate brings strong CyberArk and PKI experience, an automation‑first mindset, and the ability to operate effectively in a regulated, highly distributed enterprise.

Job Functions

  • Design, engineer, deploy, and operate Privileged Access Management solutions, with primary responsibility for CyberArk platforms including Vault, CPM, PVWA, PSM, and related integrations.
  • Implement and manage PAM controls for human and non‑human identities, including privileged users, service accounts, application credentials, and secrets.
  • Engineer and support enterprise PKI services, including certificate issuance, renewal, revocation, and lifecycle automation across infrastructure, applications, and end‑user devices.
  • Administer and enhance PKI platforms and services such as Microsoft AD Certificate Services (ADCS), public certificate authorities, and certificate lifecycle management tools.
  • Develop and maintain automation for PAM and PKI workflows using scripting and infrastructure‑as‑code approaches (PowerShell, Python, Terraform, APIs).
  • Partner with application, cloud, and infrastructure teams to integrate PAM and PKI capabilities into platforms, CI/CD pipelines, and operational processes.
  • Define and enforce privileged access policies, credential management standards, and cryptographic controls aligned to security, audit, and compliance requirements.
  • Troubleshoot and resolve complex PAM and PKI incidents, including certificate outages, access failures, and privileged session issues.
  • Contribute to operational readiness, monitoring, and audit support activities related to PAM and PKI controls (e.g., SOX, ISO 27001, internal audits).
  • Maintain technical documentation, runbooks, and configuration standards to support scalable and repeatable operations.
  • Continuously evaluate opportunities to improve security posture, resilience, and efficiency through automation, tooling enhancements, and process optimization.

Job Requirements

Essential Qualifications

  • 5+ years of hands‑on experience in Identity & Access Management or Security Engineering roles, with strong focus on Privileged Access Management and/or PKI.
  • Demonstrated experience engineering and operating CyberArk PAM solutions in an enterprise environment.
  • Strong hands‑on experience with PKI concepts and technologies, including certificate lifecycle management, trust models, and cryptographic standards.
  • Experience administering Microsoft AD Certificate Services (ADCS) and managing public SSL/TLS certificates.
  • Proficiency in scripting and automation using tools such as PowerShell and Python; experience with infrastructure‑as‑code or API‑based integrations preferred.
  • Solid understanding of identity, authentication, and access control concepts, particularly as they relate to privileged and machine identities.
  • Experience working in hybrid and cloud environments (Azure and/or AWS) integrating PAM and PKI controls.
  • Ability to work independently on complex technical problems while collaborating effectively within a global, cross‑functional team.
  • Strong troubleshooting, documentation, and communication skills, with the ability to explain technical issues to non‑specialist stakeholders.

Desirable Qualifications

  • Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical discipline.
  • Experience with certificate management platforms such as Keyfactor or Venafi.
  • Experience integrating PAM or PKI into CI/CD pipelines, DevOps tooling, or secrets management solutions.
  • Familiarity with identity and security compliance frameworks such as SOX, ISO 27001, NIST, or similar.
  • Professional certifications such as CyberArk Defender, Microsoft Certified: Identity and Access Administrator, Security+, CISSP, or similar.
  • Experience operating IAM or security services within a large, global, or highly regulated enterprise environment.

About UMG UK

We are Universal Music Group UK – the UK’s leading music‑based entertainment company. We exist to shape culture through the power of artistry. We help UK artists produce, distribute and promote the most critically acclaimed and commercially successful music to inspire and entertain fans at home and around the world.

Bonus Tracks: Your Benefits

  • Group Personal Pension Scheme (between 3% and 9%)
  • Private Medical Insurance
  • 25 paid days of annual leave
  • Interest Free Season Ticket Loan
  • Holiday Purchase scheme
  • Dental and Travel Insurance options
  • Cycle to Work Scheme
  • Salary Sacrifice Cars
  • Subsidised Gym Membership
  • Employee Discounts (Reward Gateway)

Just So You Know…

The company presents this job description as a guide to the major areas and duties for which the jobholder is accountable. However, the business operates in an environment that demands change and the jobholder’s specific responsibilities and activities will vary and develop. Therefore, the job description should be seen as indicative and not as a permanent, definitive, and exhaustive statement.

Job Category: Universal Music Group

#J-18808-Ljbffr…

Posted: April 1st, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire