Access Management Engineer

Please note - This role may require occasional attendance at our Cardiff or Swansea office as part of an on‑call rota (one week in every three).

The Access Management Engineer is responsible for designing, implementing, and maintaining secure identity and access solutions within Microsoft Entra. This role ensures that users, devices, and applications have appropriate access while safeguarding organisational resources against unauthorised use. The engineer will work closely with security, compliance and leverage Infrastructure as Code tools such as Terraform to automate Conditional Access policies, implement passwordless authentication using Passkeys, and strengthen identity verification processes to support Zero Trust principles and SCIM.

This role involves working in a fast-paced and agile environment, collaborating with various teams within Admiral, and creating an effective Access Management function.

Main Duties 

You will,

• Assist with product vision and strategy for Access Management solutions, including Entra ID, MFA, SSO and SCIM.
• Collaborate with teams to design, develop, and implement Access Management solutions and remediate vulnerabilities identified, lessons learnt from prior incidents, and resolve known issues.
• Proactively communicate updates, project statuses, and key milestones to stakeholders at all levels of the organisation.
• Work collaboratively with the IAM Compliance team in support of internal and external audit.
• Manage user identity lifecycle, including provisioning, de-provisioning, and role-based access control.
• Implement governance policies for privileged access and enforce least privilege principles.
• Design and enforce Conditional Access policies to protect sensitive resources.
• Use Terraform to automate deployment and management of Conditional Access configurations across environments.
• Implement Passkeys and other passwordless authentication methods to enhance security and user experience.
• Integrate FIDO2 and biometric authentication options within Microsoft Entra.
• Configure and maintain identity verification workflows for onboarding and high-risk transactions.
• Integrate multi-factor authentication (MFA) and adaptive risk-based access controls.
• Monitor compliance with organisational security standards and regulatory requirements.
• Conduct regular audits of identity and access configurations.
• Investigate and resolve identity-related security incidents promptly.
• Provide root cause analysis and remediation plans.
• Stay updated on Microsoft Entra capabilities, Terraform modules, and emerging identity technologies.
• Recommend enhancements to improve security posture and operational efficiency.

Other duties include:

• Deputise for the Technical Product Lead as required.
• Proactively manage and address any risk issues relating to your assigned duties.
• Documentation of processes and procedures that are specific to the scope of responsibilities, ensuring document compliance with Quality Standards.

This is not a full definition of the role but covers the main aspects and drivers for success.

Experience Required 

Essential 

• Proven experience implementing and operating Microsoft Entra in a medium to large organisation.
• Experience in Infrastructure as Code Terraform.
• Expert knowledge of Access controls and best practice.
• Highly organised, with ability to work independently or as part of a team.
• Strong analytical and problem-solving skills.
• Excellent communication skills, both written and verbal.

Desirable 

• Experience of multiple technologies, including Cloud.
• Delivering value in an agile organisation.
• Experience within an ITIL v4 operational environment.

Admiral: Where You Can

We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We’re committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can, Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to £3,600 of free shares each year after one year of service.

Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.

We’re proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We’re fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics.

Our fantastic benefits make sure our colleagues have a great work-life balance; You can view some of our other key benefits here.

#LI-CS1