Lead Information and Cyber Security Specialist

Lead Information and Cyber Security Specialist – Identity & Access Management

Location: Holborn Office

County: Central London

Ref #: 24417

Closing Date: 15-Apr-2026

What You Will Do

• Own and drive the implementation of the bank’s IDAM Target Operating Model, ensuring alignment with wider cyber security objectives, regulatory expectations, and operational needs.
• Define, document, and embed IDAM processes, roles, governance structures, and performance measures required for a mature access management function.
• Partner with technology, business, and risk stakeholders to achieve a consistent and scalable IDAM operating framework.
• Design and oversee the implementation of core IDAM controls that demonstrate adherence to security principles, internal policy, and legislative requirements (e.g., PRA/FCA expectations, GDPR, SOX, NIST, ISO 27001).
• Implement continuous monitoring and reporting mechanisms to evidence control effectiveness and provide assurance to senior leadership, audit, and regulators.
• Lead remediation and change activity where control gaps or deficiencies are identified.
• Implement and run the bank-wide access recertification framework to ensure timely and accurate validation of user access privileges across all critical systems and applications.
• Work closely with business owners to validate role appropriateness, identify toxic combinations, and ensure alignment to least privilege principles.
• Provide MI, reporting, and escalation pathways to ensure recertification compliance and accountability.
• Oversee configuration, tuning, and administration of core IDAM toolsets, including Delinea (PAM) and SailPoint (Identity Governance & Administration).
• Ensure tools are optimally configured, maintained, and utilised in line with best practice and security standards.
• Lead enhancements, upgrades, and automation initiatives to improve operational efficiency and control coverage.
• Review proposed solutions for identity integration, authentication methods, role definitions, and access patterns
• Collaborate with IT teams to define, implement, and monitor controls for Privileged Access Management

What You Will Need

• A minimum of 3–5 years of experience in identity and access management or related security services.
• Hands‑on experience with identity governance, privileged access management, and authentication technologies, as well as a strong understanding of regulatory requirements such as GDPR and financial sector compliance standards.
• Familiarity with directory services.
• Strong understanding of regulatory compliance (e.g. FCA/PRA rules) and identity and access management principles.
• Knowledge of Windows, Linux, Active Directory, and cloud environments (Azure, AWS).
• Strong knowledge of implementing RBAC controls.
• Recognised industry qualification e.g. CISSP, CISMP, CCSP, CISM.

Benefits

• We will make sure that you are well‑rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts!
• We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!).

#J-18808-Ljbffr…