Hunt UK Visa Sponsors
Copyright © 2025
Copyright © 2025
Disclaimer: Hunt UK Visa Sponsors aggregates job listings from publicly available sources, such as search engines, to assist with your job hunting. We do not claim affiliation with A&O Shearman. For the most up-to-date job details, please visit the official website by clicking "Apply Now."
We have an exciting new opportunity for an Identity and Access Senior Architect to join the A&O Shearman Belfast office.
Apply today via the link below or contact [email protected] for more information.
About the team
The firm's ability to keep our clients' data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the world's large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of the Board.
Led by our new CISO, Yolande Young, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead where global complexity creates opportunity.
In addition, you will have the opportunity to share and gain intel from the firm's cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients' cyber risk management and incident response programmes.
What you will do
The Identity and Access Senior Architect will be part of the Digital Trust team, and will be responsible for maintaining the identity and access management (IAM) security of the firm's assets. This role is critical in translating the organisation's IAM vision into a workable, mature and optimized function and service. This role requires extensive experience across all IAM core disciples including identity management, identity governance and administration, privileged access, and conditional access. This role will support the transformation of IAM into a modern, automated, predictable and customer-oriented function. The ideal candidate will excel at Microsoft Entra ID technologies, CyberArk, machine identity management, and translation of identified requirements into practical identity architecture and design.
This will include:
IAM Strategy and Architecture
Design, implement and continuously improve the organisational IAM architecture for a modern security perimeter, leveraging extensive knowledge and experience across all IAM disciplines.
Review functional and non-functional requirements, apply architectural acceptance criteria, and produce artefacts describing the logical and physical design of IT and security (IAM) solutions scaled for the enterprise needs, and assist in solution architecture.
Influence and evaluate decisions on IAM components: directory, identity, privileged access, entitlements management.
Configure and maintain technologies that support the IAM function such as Active Directory, Entra ID Privileged Identity, Privileged Access, and Governance; Conditional Access Policies; CyberArk.
Design and transition IAM service components into operation - operational manuals, support patterns, standard changes, request management.
IAM Risk and Change Management
Work alongside Solution Architects to ensure solutions are designed securely from an access management perspective. Ensure adherence to the change management process when implementing IAM relevant changes to architecture.
Perform detailed analysis of application architectures to provide IAM assurance.
Understand threat modelling and participate in major incidents responses with IAM components.
Review and approve the IAM components of solution designs.
Collaborate with cloud infrastructure teams to implement IAM design patterns.
Ensure IAM security controls are appropriately implemented in our environment and align with NIST and CIS benchmarks.
Validate effectiveness of implemented IAM security controls through technical analysis.
Perform residual IAM risk assessments and document acceptance/rejection rationale.
Scope and manage IAM security testing including penetration tests and Red Teaming as well as remediation activities.
Work closely with wider Information Security team to ensure compliance, assurance, risk management, monitoring, and other operational requirements related to IAM are met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards.
Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools.
Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services.
Serve as an escalation point for issues of non-compliance related to PAM, IAM and IGA policies and processes.
Leadership & Team Development
Provide leadership and structured mentorship to a team of identity and access management staff, supporting their technical development, training & certifications, and career progression.
Oversee the design and management of the on-call support structure, ensuring appropriate coverage, escalation paths, and minimal disruption to business operations.
What you will have
Extensive experience in working with Microsoft identity products, namely Active Directory and Entra ID.
Extensive experience working in architecture or information security, with a significant focus on identity and access management.
Current Azure certifications (e.g., Azure Security Engineer Associate).
Strong knowledge of security and compliance standards and frameworks, such as ISO27001, MS CAF, and WAF.
Excellent communication, leadership, and interpersonal skills, with the ability to collaborate across teams and with external parties such as MSSP.
Ability to work effectively in a fast-paced, dynamic environment.
You will stand out if you bring
Bachelor's degree in Information Security, Computer Science, or a related field.
Additional relevant security certifications e.g. CISSP, SABSA, TOGAF.
Legal or professional services experience is highly desirable.
Knowledge of additional cloud platforms e.g. AWS, GCP.
Experience with zero trust architecture implementation and least privilege principles.
Background in application security and secure SDLC practices
What we can offer you
We recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing GP service, emergency back-up care support, parental and special leave, holiday entitlement increasing with length of service, holiday trading, online discounts and lifestyle management services.
Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required.
We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic.
If this role is not of interest we may have another suitable opportunity here for you at A&O Shearman! Visit our careers portal at A&O Shearman Careers and submit your CV to our Talent Network to be notified when the perfect opportunity becomes available.