Access Management Engineer

• Job Reference: 250425002
• Job Title: Access Management Engineer (Power Utility Sector)
• Type: Contract / Hybrid (2-3 days onsite)
• Location: Coventry
• Salary: Best as per market rate
• Experience: 5+ years

About the Role:
We are seeking a detail-oriented and security-focused Access Management Engineer to join our client’s team in the utility sector. This role is critical to ensuring secure, compliant, and efficient access to systems, applications, and infrastructure across the organization. You will play a key role in implementing and maintaining Identity and Access Management (IAM) solutions that support business continuity and safeguard critical infrastructure.

Key Responsibilities:

• Manage and maintain IAM tools and platforms for user provisioning, de-provisioning, and access reviews.
• Implement Role-Based Access Control (RBAC), Single Sign-On (SSO), and Multi-Factor Authentication (MFA) across enterprise systems.
• Ensure access compliance with NERC CIP, GDPR, ISO 27001, and other relevant industry regulations.
• Collaborate with IT, cybersecurity, and business units to define and enforce access control policies.
• Perform regular audits of user access, conduct risk assessments, and address segregation of duties (SoD) conflicts.
• Respond to security incidents and assist with investigations related to unauthorized access or identity breaches.
• Support integration of cloud and on-prem identity systems (e.g., Azure AD, Okta, CyberArk, SailPoint).
• Develop and maintain access management documentation, SOPs, and training materials.
• Stay updated on IAM trends, threats, and best practices to continually enhance security posture.

Required Skills & Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
• 5+ years of experience in Identity and Access Management, preferably in the utilities or critical infrastructure sector.
• Hands-on experience with IAM tools such as Active Directory, Azure AD, Okta, SailPoint, or CyberArk.
• Strong understanding of access governance, RBAC, least privilege principles, and user lifecycle management.
• Familiarity with utility sector regulations (e.g., NERC CIP) and cybersecurity frameworks.
• Excellent analytical, problem-solving, and documentation skills.
• Strong communication skills and ability to collaborate across technical and non-technical teams.

Desirable Certifications:

• Certified Information Systems Security Professional (CISSP)
• Certified Identity and Access Manager (CIAM)
• Microsoft Certified: Security, Compliance, and Identity Fundamentals
• CompTIA Security+ or equivalent