About the role

The Identity and Privilege Management Solution Architect is a senior technical role responsible for designing, developing, and delivering secure identity and privilege management solutions across the enterprise. This position translates enterprise cybersecurity architecture strategies into practical, implementable solutions that align with business objectives, effectively mitigate identity-related risks, support regulatory compliance, and enable secure and seamless access management. The role requires strong solution design and product selection skills with deep expertise in SailPoint, CyberArk, Entra ID, Active Directory, MFA, SSO, and related identity and privilege management technologies.

Role Responsibilities

• Design and develop secure solution architectures for identity and privilege management initiatives, ensuring alignment with the enterprise cybersecurity architecture strategy, frameworks, and standards.

• Provide expert technical leadership in the solutioning of identity governance, privileged access management, and access control requirements.

• Collaborate with business leaders, IT teams, security operations, HR, and delivery teams to translate business needs and security requirements into robust, scalable, and secure identity and privilege management solution designs.

• Lead the evaluation, selection, and integration of appropriate identity and privilege management solutions, with particular focus on SailPoint for identity governance and administration, CyberArk for privileged access management, Entra ID, Active Directory, MFA, and SSO.

• Conduct solution-level risk assessments and recommend mitigation strategies to address security gaps in identity and privilege architectures.

• Ensure solution designs comply with architecture governance processes, standards, and regulatory requirements.

• Work closely with engineering and delivery teams to support the implementation, integration, and validation of secure identity and privilege management solutions.

• Contribute to incident response planning and ensure solution resilience against identity-based cyber threats.

• Communicate complex identity and privilege management solution architecture concepts clearly to both technical and non-technical audiences, including project teams and senior leadership.

Why you?

• Bachelor’s degree or equivalent relevant work experience.

• 8 years in IT, with at least 5 years in cybersecurity solution architecture (including significant experience in cloud, data, or AI security solutions).

• CISSP & CISM

Preferred Qualifications:

• Demonstrated experience designing secure solutions in complex cloud, data, and AI environments within large-scale, hybrid, and multi-cloud settings.

• Hands-on solution architecture expertise in cloud security (IaaS, PaaS, SaaS), data protection and privacy, and AI/ML security (including model security, adversarial AI mitigation, and secure AI pipelines).

• Strong product selection and evaluation skills for cloud security platforms, data security tools, and AI security solutions.

• Strong background in cloud security frameworks (e.g., CSA CCM, NIST, Azure Well-Architected Framework), data governance, privacy-by-design, and regulatory compliance (e.g., GDPR, NIS Regulations, ISO 27001, DORA).

• Proven ability to influence and collaborate effectively with architecture, engineering, data science, AI teams, and delivery stakeholders.

• Deep expertise in designing secure solution architectures for cloud, data, and AI environments.

• Strong technical knowledge of cloud security architectures, data protection technologies, AI security controls, secure AI development lifecycles, and integration patterns.

• Excellent solution design and product evaluation skills for cloud, data, and AI security technologies.

• Ability to translate high-level architecture strategies and business requirements into practical, implementable secure solutions.

• Strong collaboration and influencing skills across multidisciplinary teams.

• Proven ability to communicate complex solution concepts to both technical delivery teams and non-technical stakeholders.

• Sound commercial awareness and understanding of how secure solution architecture supports business value, innovation, and risk reduction.

• Up-to-date knowledge of current and emerging cyber threats, attack techniques, and defensive technologies in cloud, data, and AI environments relevant to the UK and international operations.

12-Month Success Criteria

• Deliver high-quality, secure solution architectures for key identity and privilege management projects that are fully aligned with the enterprise cybersecurity architecture.

• Complete solution architecture reviews and risk assessments for all major identity and privilege initiatives, resulting in identified and mitigated security risks.

• Ensure successful implementation, integration, and security validation of designed solutions, demonstrating measurable improvements in identity security posture and privilege management effectiveness.

• Establish effective collaboration processes with engineering and security operations teams to accelerate secure solution delivery.

• Build or strengthen solution architecture artefacts, patterns, and reusable designs for identity and privilege management.

• Secure strong stakeholder alignment and acceptance of solution designs across technical and business teams.

Why you?

Basic Qualifications:

• Bachelor’s degree or equivalent relevant work experience.

• 8 years in IT, with at least 5 years in cybersecurity solution architecture (including significant experience in identity and privilege management solutions

• CISSP

• CISM

• 10+ years in IT, with at least 7 years focused on identity and privilege management solution architecture.

Preferred Qualifications:

• Demonstrated experience designing and delivering secure identity and privilege management solutions in complex, large-scale, hybrid, and multi-cloud environments.

• Hands-on solution architecture expertise with SailPoint (Identity Governance), CyberArk (Privileged Access Management), Microsoft Entra ID, Active Directory, MFA, SSO, and federation technologies.

• Strong product selection and evaluation skills for identity and privilege management platforms.

• Strong background in identity governance, privileged access controls, Zero Trust principles, and regulatory compliance (e.g., GDPR, NIS Regulations, ISO 27001).

• Proven ability to influence and collaborate effectively with architecture, engineering, security operations, and delivery stakeholders.