Hunt UK Visa Sponsors
Copyright © 2025
Copyright © 2025
Disclaimer: Hunt UK Visa Sponsors aggregates job listings from publicly available sources, such as search engines, to assist with your job hunting. We do not claim affiliation with A&O Shearman. For the most up-to-date job details, please visit the official website by clicking "Apply Now."
We have an exciting new opportunity for an Identity and Access Management Engineer to join the A&O Shearman Belfast office. This role will be a Digital Trust team member and will be responsible for managing and monitoring the firm's core technology solutions for Identity and Access Management (IAM). IAM involves identity management, identity governance and administration, privileged access, and conditional access at A&O Shearman.
Apply today via the link below or contact [email protected] to find out more.
About the team
The firm's ability to keep our clients' data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the world's large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of the Board.
Led by our new CISO, Yolande Young, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead where global complexity creates opportunity.
In addition, you will have the opportunity to share and gain intel from the firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients' cyber risk management and incident response programmes.
What you will do
IAM involves identity management, identity governance and administration, privileged access, and conditional access at A&O Shearman. This role requires a strong understanding of IAM principles and technologies. The ideal candidate will excel at Active Directory and Microsoft Entra ID technologies, CyberArk, machine identity management, and implementation of agreed architecture into secure and stable deployments. This role is critical in translating the IAM vision into a workable, mature and optimized function and service.
This will include:
IAM (including PAM) Architecture, Engineering & Platform Management
Oversee and participate in the performance of engineering and operational tasks in the identity and access management technologies such as Entra ID, Conditional Access Policies, entitlement management, and CyberArk.
Oversee and participate in ongoing configuration, maintenance and testing for IAM technology solution(s) and in scope processes, including Active Directory, Entra ID Privileged Identity, Privileged Access, and Governance; Conditional Access Policies; CyberArk; and CIEM. Monitor IAM technology solution(s) for performance, data quality and security.
Oversee and participate in defining requirements and integrations to meet the IAM objectives including development of requirements and tests cases, assessments of systems/accounts for privileged access, and analysis of privileged activity.
Design and transition IAM service components into operation such as through operational manuals, support patterns, standard changes, and request management.
Manage platform updates, releases, and enhancements, including conducting appropriate testing such as user acceptance testing (UAT) to ensure stability and functionality, based on design specifications and requirements. Resolve issues relating to the IAM technology solution(s).
Design and maintain workflows, dashboards, reports, and configurations within IAM tooling to support visibility and decision-making.
Evaluation and influence decisions on IAM technology components such as active directory, identity, privileged access, and entitlements management.
Design and document identity configurations, and assist the Senior Identity Architect in performing IAM solution architecture. Ensure adherence to the change management process when implementing changes to architecture.
Collaborate closely with technology and information security teams to ensure alignment and support during incident responses with an IAM component.
IAM architecture review and change
Review and contribute to solution designs and changes initiated outside of the Digital Trust which have an IAM risk, component, or impact. Optimise processes and solutions to improve efficiency in access reviews.
Work alongside architects and operational staff to ensure their engineered solutions are designed securely from an IAM perspective, and align with the IAM security architecture and standards.
Perform detailed analysis of application identity security to provide IAM assurance and configuration guidance.
Collaborate with cloud infrastructure teams to implement IAM design patterns.
Configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools, working closely with security engineering colleagues.
Monitor key metrics relating to identity and access management to identify potential information security threats, risks, and indications of compromise.
IAM risk management, controls and compliance
Ensure compliance with regulatory and client requirements in partnership with the IT Governance Risk and Compliance (GRC) team. Ensure security controls are appropriately implemented in our environment and align with NIST and CIS benchmarks. Maintain current IAM-relevant certifications.
Validate the ongoing effectiveness of implemented security controls through technical analysis.
Perform and document IAM risk assessments, ensuring appropriate mitigating controls are introduced, and risk acceptances are appropriately governed.
Understand threat modelling in the context of IAM. Define and document identity and access management use cases to be monitored by the Cyber Defence function, ensuring comprehensive coverage of potential threats and timely response.
Scope and manage security testing including penetration tests and Red Teaming, Manage remediation activities to completion.
Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services.
Assist in the GRC team in answering and addressing client queries and requests pertaining to IAM.
Support the IAM operational team members in performing their duties, particularly during periods of absence.
Leadership & Team Development
Provide leadership and structured management, direction and mentorship to junior IAM team members, supporting their technical development and career progression.
Champion identity and access management across the organisation and drive an evolved culture of risk awareness and mitigation.
Documentation & Governance
Participate in maintaining the lifecycle of documentation relating to the IAM architecture and technology environment, ensuring accuracy, accessibility, and alignment with compliance standards.
What you will have
Extensive experience with Microsoft identity products, including Active Directory and Entra ID.
Extensive experience in engineering within the identity and directory space.
Current Azure certifications (e.g., Azure Security Engineer Associate).
Experience within 10,000+ global organizations.
Strong knowledge around security and compliance standards and frameworks such as ISO27001, MS CAF and WAF .
Proven ability to develop good working relationships with key stakeholders at all levels.
Demonstrates a high level of credibility with the ability to influence technical teams, technology leadership and select stakeholders within legal practice groups.
Excellent communication and presentation skills, both orally and written.
Proven ability to manage ambiguity and potentially conflicting priorities.
You will stand out if you bring
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Relevant additional security certifications (CISSP, SABSA, TOGAF).
Hands on experience with CyberArk.
Experience working in professional services or legal sector.
Knowledge of additional cloud platforms (e.g. AWS, GCP).
Experience with zero trust architecture implementation.
Background in application security and secure SDLC practices.
What we can offer you
We recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing GP service, emergency back-up care support, parental and special leave, holiday entitlement increasing with length of service, holiday trading, online discounts and lifestyle management services.
Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required.
We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic.
If this role is not of interest we may have another suitable opportunity here for you at A&O Shearman! Visit our careers portal at A&O Shearman Careers and submit your CV to our Talent Network to be notified when the perfect opportunity becomes available.