Endava is seeking an experienced Senior Identity Security Engineer to lead the design, governance, and continuous improvement of enterprise identity security capabilities across client environments.
This senior engineering role is responsible for securing workforce, third-party, and machine identities through robust identity and access management (IAM) controls and privileged access governance. The role will oversee identity platform architecture, operational security posture, and lifecycle management processes across technologies such as Active Directory, Microsoft Entra, and Identity Governance & Administration (IGA) platforms.
Working closely with Cyber Engineering, Cloud, Infrastructure, Application, and Security Operations teams, the Senior Identity Security Engineer will ensure identity controls are embedded into enterprise platforms and services. The role also focuses on enabling secure, scalable identity services through automation, governance, and modern zero trust identity patterns.
Responsibilities:
- Define and maintain identity security policies, architecture standards, and governance frameworks across enterprise identity platforms.
- Design and implement secure identity architecture patterns across Active Directory, Microsoft Entra, IAM, IGA, and Privileged Access Management (PAM) platforms.
- Lead continuous improvement initiatives to strengthen identity security posture across enterprise environments.
- Establish secure identity lifecycle management processes covering joiners, movers, leavers, contractors, third parties, and non-human identities.
- Implement and govern privileged access management frameworks including privileged account lifecycle management, role design, and access certification processes.
- Lead the engineering and governance of identity workflows within identity governance platforms such as SailPoint.
- Improve identity management automation to reduce manual provisioning activities and privileged administrative access.
- Monitor and improve the security posture of identity infrastructure including Active Directory and Entra configurations.
- Partner with technology and application teams to embed secure authentication, authorisation, and single sign-on (SSO) patterns.
- Support cyber incident response activities relating to identity compromise, privilege escalation, or authentication abuse.
- Collaborate with Cyber Defence teams to ensure identity telemetry supports detection and response capabilities.
- Maintain identity security documentation including architecture blueprints, operational procedures, and governance standards.
- Provide oversight and guidance to third-party providers supporting identity platforms and operations.