CrawlJobs Logo

Senior Identity Security Engineer

United Kingdom, Glasgow or Reading, Berkshire · Job Posted February 18, 2026
Apply Position
Job Link Share

Job Description

We are seeking a Senior Identity Security Engineer to design, implement and enhance large‑scale identity environments across Microsoft Active Directory, Entra ID, PKI/ADCS and modern hybrid platforms. This role combines hands‑on engineering with leadership in security design, implementation and assessment, requiring someone who can resolve complex identity challenges end‑to‑end and deliver robust, high‑impact solutions. You will work closely with engineering, architecture and operational teams, across a range of sectors, to deliver secure, resilient identity and certificate services across on‑premises, hybrid and cloud environments.

Job Responsibility

  • Design and architect modern Microsoft identity platforms, including new Active Directory and Entra ID environments, design patterns, standards and long‑term roadmaps for secure, scalable foundations
  • Integrate third‑party identity services, including platforms such as Okta, Ping, Duo, Auth0 and Yubico
  • Assess and improve existing identity environments by identifying risks, technical debt, reliability issues and leading the engineering work to implement practical, measurable improvements
  • Engineer PKI and certificate lifecycle services at scale, including PKI/ADCS design and operation, certificate automation, cloud integrations and modern machine‑identity use cases
  • Plan and lead safe migrations and legacy exits, including decommissioning legacy AD forests, MIM, ADFS and outdated identity components
  • Drive adoption of passwordless and modern authentication, implementing solutions such as Windows Hello, passkeys, FIDO2 and supporting clients through change and adoption
  • Evolve organisations toward cloud‑first identity models, implementing hybrid identity strategies, modern authentication, attribute mastering and secure workload/device identity patterns
  • Automate identity and certificate operations using automation, DevSecOps practices and infrastructure‑as‑code to deliver secure, consistent and maintainable identity services
  • Advising clients on IAM best practices, standards and regulatory requirements, including GDPR, ISO 27001, NIST Frameworks

Requirements

  • Strong engineering background with deep expertise across Active Directory, Entra ID and PKI/ADCS in large, complex environments
  • Pragmatic, methodical problem‑solver able to diagnose and resolve identity issues end‑to‑end in hybrid platforms
  • Effective communicator and collaborator, working across architecture, engineering and operations teams
  • Trusted by clients and colleagues
  • delivers practical, secure solutions that reduce real‑world risk
  • Broad experience across Active Directory, PKI, hybrid identity and modern authentication, including tiering, automation and identity hygiene
  • Skilled in identity migrations and legacy exits, covering AD consolidation, ADFS/MIM retirement and modernisation
  • Strong automation capability with PowerShell, CI/CD, monitoring and IaC to improve reliability and consistency

Nice to have

  • Microsoft identity & security certifications (SC-300, SC-100, AZ-500 or equivalent AD/Entra/PKI qualifications)
  • Security or architecture credentials like CISSP, ISSAP, CRISC, TOGAF or SABSA
  • Cloud platform certifications across Azure, AWS, GCP or Terraform

What we offer

  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Competitive salary and an excellent benefits package

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Identity Security Engineer

8 matching positions

Senior Machine Identity Security Engineer - AI governance

We are seeking a highly skilled Senior Machine Identity Security Engineer to lea...
Location
Location
United States , Charlotte
Salary
Salary:
Not provided
dutechsystems.com Logo
Dutech Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security engineering, identity management, or cloud infrastructure
  • Hands-on experience with secrets management tools (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault)
  • Strong understanding of cloud platforms (AWS, Azure, or GCP)
  • Experience with machine identities (service accounts, API keys, OAuth tokens)
  • Knowledge of authentication protocols (OAuth, OIDC, SAML)
  • Experience integrating security and identity solutions across enterprise environments
  • Strong communication skills with the ability to work across technical and business teams
Job Responsibility
Job Responsibility
  • Lead the end-to-end deployment of machine identity (NHI) governance platforms
  • Integrate with cloud platforms, identity providers, SaaS tools, and enterprise systems
  • Build dashboards, alerts, and reporting for real-time visibility into identity posture
  • Design and implement workflows for identity intake, classification, approval, and ownership
  • Manage lifecycle processes including provisioning, credential rotation, access reviews, and decommissioning
  • Identify and remediate orphaned or ungoverned credentials (API keys, tokens, service accounts)
  • Partner with Identity Management, Cloud Operations, Cybersecurity, and Engineering teams
  • Translate security policies into automated controls and enforcement mechanisms
  • Support AI and business teams in adopting governed, secure machine identity practices
  • Develop runbooks, standards, and documentation for machine identity governance
  • Fulltime
Read More
Arrow Right

Principal/ Senior Software Engineer - Identity Security

Palo Alto Networks is looking for a seasoned and accomplished Software Engineer ...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in Software Engineering
  • Experience with modern backend technologies
  • B.Sc. or M.Sc. in Computer Science, Software and Computer Engineering, or equivalent military experience
  • Experience leveraging AI-assisted development tools (Gemini, Claude) to accelerate the software development lifecycle, including code generation, debugging, and unit test creation
  • Experience in building and managing distributed cloud-based SaaS applications
  • Deep understanding of cloud-native technologies like Kubernetes, Docker, Microservices architecture, and Public Cloud (AWS/GCP/Azure)
  • Experienced with monitoring, profiling and enhancing system performance
  • Excellent written and verbal communication skills
Job Responsibility
Job Responsibility
  • Drive Strategic Vision: Contribute to and execute the long-term roadmap for our Identity solutions, ensuring our tech stack evolves alongside industry best practices and global business goals
  • Lead Innovation: Research and develop cutting-edge technologies to solve the 'Identity Perimeter' problem, turning complex security research into tangible product features
  • Architect Scalable Solutions: Design and implement robust, secure architectures capable of managing identities across fragmented SaaS and on-premise ecosystems at enterprise scale
  • Foster a Culture of Excellence: Engage in a high-caliber engineering environment through mentorship, collaborative code reviews, and a shared commitment to continuous technical growth
  • Collaborate Cross-Functionally: Partner with Product, Platform, and DevOps teams to bridge the gap between complex security requirements and seamless user experiences
  • Own Your Career Path: Take on high-impact initiatives and leadership opportunities tailored to your experience level, with access to the resources needed to become a subject matter expert in Identity Security
Read More
Arrow Right

Principal / Senior Software Engineer - Identity Security

Palo Alto Networks is looking for a seasoned and accomplished Software Engineer ...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in Software Engineering
  • Experience with modern backend technologies
  • B.Sc. or M.Sc. in Computer Science, Software and Computer Engineering, or equivalent military experience
  • Experience leveraging AI-assisted development tools (Gemini, Claude) to accelerate the software development lifecycle, including code generation, debugging, and unit test creation
  • Experience in building and managing distributed cloud-based SaaS applications
  • Deep understanding of cloud-native technologies like Kubernetes, Docker, Microservices architecture, and Public Cloud (AWS/GCP/Azure)
  • Experienced with monitoring, profiling and enhancing system performance
  • Excellent written and verbal communication skills
Job Responsibility
Job Responsibility
  • Drive Strategic Vision: Contribute to and execute the long-term roadmap for our Identity solutions, ensuring our tech stack evolves alongside industry best practices and global business goals
  • Lead Innovation: Research and develop cutting-edge technologies to solve the 'Identity Perimeter' problem, turning complex security research into tangible product features
  • Architect Scalable Solutions: Design and implement robust, secure architectures capable of managing identities across fragmented SaaS and on-premise ecosystems at enterprise scale
  • Foster a Culture of Excellence: Engage in a high-caliber engineering environment through mentorship, collaborative code reviews, and a shared commitment to continuous technical growth
  • Collaborate Cross-Functionally: Partner with Product, Platform, and DevOps teams to bridge the gap between complex security requirements and seamless user experiences
  • Own Your Career Path: Take on high-impact initiatives and leadership opportunities tailored to your experience level, with access to the resources needed to become a subject matter expert in Identity Security
  • Fulltime
Read More
Arrow Right

Senior Software Engineer - Identity & Security

Security represents the most critical priorities for our customers in a world aw...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND 4+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
  • 4+ years deep hands-on working knowledge of building cloud-scale services
  • 4+ years experience in one of the object-oriented programming languages including runtime internals like C#, Java, etc.
  • 2+ years operational experience in running service in one of the large-scale clouds like Azure, AWS, GCP
  • 2+ years of technical leadership, raising the technical bar, maintaining data and results-driven culture while closely working with cross function teams for the same connected mission
Job Responsibility
Job Responsibility
  • Create and implement code for large-scale distributed services runtime
  • Write code that is extensible and maintainable, applying coding patterns and practices such as state-of-the-art generative AI, source code organization, and naming conventions
  • Learn and apply diagnosability, reliability, and maintainability principles, understanding when code is ready for sharing and delivery
  • Identify and escalate blockers or unknowns during development, communicating their impact on timelines
  • Ensure proper processes are followed to achieve high standards of security, privacy, safety, and accessibility
  • Contribute to compliance efforts by checking for visible evidence (e.g., audit trails) in product features
  • Develop awareness of compliance expectations at Microsoft and implications of onboarding new technologies
  • Gain knowledge of global and local regulations for technologies and system applications
  • Apply debugging tools, tests, logs, telemetry, and other methods to proactively flag issues in production features
  • Conduct incident retrospectives to identify root causes and implement repair actions
  • Fulltime
Read More
Arrow Right

Senior Agentic Identity & Access Security Engineer

Our client is a leading global investment management company headquartered in Lo...
Location
Location
Poland;Spain;United Kingdom
Salary
Salary:
Not provided
Intellias
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years in security architecture and/or platform engineering, with a track record of shipping production code. Principal / Staff-level depth, ideally in a high-velocity or quant / financial-services engineering culture
  • Deep, mechanical command of modern identity and authorisation: OIDC / OAuth2 / JWT — token issuance flows, claims design, and delegation / impersonation patterns
  • Hands-on HashiCorp Vault experience, including dynamic / short-lived secrets and the realities of migrating off long-lived tokens without breaking a large application estate at once
  • Keycloak policy modelling, ideally with the Terraform-driven configuration the firm already uses
  • Strong Terraform / IaC fluency — enough to design repeatable, self-service patterns that others adopt, rather than bespoke per-team setups
  • Working knowledge of the Active Directory + Entra legacy reality: nested groups, LDAP-backed role mapping, and the distribution-list-as-permission-group failure mode — able to design around the mess pragmatically
Job Responsibility
Job Responsibility
  • Design and ship IaC-driven, self-service identity patterns that roll out firm-wide without requiring a full Active Directory cleanup first
  • Define the currently undefined agentic runtime security model: containerised code execution, permission delegation to agents, and MCP-based tool access
  • Lead the transition from long-lived secrets toward ephemeral, time-based, risk-scored credentials, scoped to task duration and issued via JWT / OIDC
  • Layer LLM / software guardrails (policy-as-text plus human review) on top of whatever hard guardrails are feasible across the estate
  • Establish an opinionated onboarding standard (e.g. mandatory MCP interfaces) and win adoption through better defaults and developer experience, not mandate alone
  • Design SIEM integration, behavioural baselining, and anomaly detection for agentic workflows, and centralise siloed audit logs to satisfy both security and regulatory requirements
  • Take bounded beachheads (for example, authenticate users and then delegate scoped access to internal systems) from vague to delivered
Read More
Arrow Right

Senior Agentic Identity & Access Security Engineer

Our client is a leading global investment management company headquartered in Lo...
Location
Location
Poland; Spain; United Kingdom
Salary
Salary:
Not provided
Intellias
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years in security architecture and/or platform engineering, with a track record of shipping production code
  • Principal / Staff-level depth, ideally in a high-velocity or quant / financial-services engineering culture
  • Deep, mechanical command of modern identity and authorisation: OIDC / OAuth2 / JWT — token issuance flows, claims design, and delegation / impersonation patterns
  • Hands-on HashiCorp Vault experience, including dynamic / short-lived secrets and the realities of migrating off long-lived tokens without breaking a large application estate at once
  • Keycloak policy modelling, ideally with the Terraform-driven configuration the firm already uses
  • Strong Terraform / IaC fluency — enough to design repeatable, self-service patterns that others adopt, rather than bespoke per-team setups
  • Working knowledge of the Active Directory + Entra legacy reality: nested groups, LDAP-backed role mapping, and the distribution-list-as-permission-group failure mode — able to design around the mess pragmatically
Job Responsibility
Job Responsibility
  • Design and ship IaC-driven, self-service identity patterns that roll out firm-wide without requiring a full Active Directory cleanup first
  • Define the currently undefined agentic runtime security model: containerised code execution, permission delegation to agents, and MCP-based tool access
  • Lead the transition from long-lived secrets toward ephemeral, time-based, risk-scored credentials, scoped to task duration and issued via JWT / OIDC
  • Layer LLM / software guardrails (policy-as-text plus human review) on top of whatever hard guardrails are feasible across the estate
  • Establish an opinionated onboarding standard (e.g. mandatory MCP interfaces) and win adoption through better defaults and developer experience, not mandate alone
  • Design SIEM integration, behavioural baselining, and anomaly detection for agentic workflows, and centralise siloed audit logs to satisfy both security and regulatory requirements
  • Take bounded beachheads (for example, authenticate users and then delegate scoped access to internal systems) from vague to delivered
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Engineer II-Identity Governance

The Sr. Cyber Security Engineer II – Identity Governance is a pivotal role respo...
Location
Location
United States , Framingham
Salary
Salary:
139000.00 - 191000.00 USD / Year
staplespromo.com Logo
Staples Promotional Products
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, or a related field or equivalent work experience
  • 10 or more years of progressively complex experience in cybersecurity
  • Proven experience with cybersecurity frameworks (e.g., NIST, ISO 27001)
  • Hands-on experience with security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content filtering
  • Knowledge of network protocols and data encryption methods
  • Hands-on experience supporting Active Directory in an enterprise environment
  • Practical experience with identity and access management concepts including: user lifecycle provisioning, entitlement management, role-based access control (RBAC)
  • Experience building or supporting application integrations with an IGA platform
  • Experience supporting SSO and authentication integrations
  • Working knowledge of conditional access and modern authentication controls
Job Responsibility
Job Responsibility
  • Engineer, maintain, and secure Active Directory components including domains, OUs, group structures, service accounts, and delegated administration models
  • Support hybrid identity patterns integrating on‑premises Active Directory with cloud identity platforms
  • Partner with infrastructure and cloud teams to ensure directory services are resilient, monitored, and aligned to security best practices
  • Apply Zero Trust security concepts to identity systems, recognizing Active Directory and identity connectors as high‑risk control plane assets
  • Support privileged access separation, administrative role scoping, and least‑privilege enforcement across identity platforms
  • Participate in hardening initiatives to reduce privilege escalation paths and credential exposure within identity services
  • Implement and support SSO and federation integrations using industry‑standard protocols (SAML, OIDC, OAuth)
  • Assist in designing and maintaining conditional access policies based on user risk, role, device posture, and authentication context
  • Troubleshoot authentication and authorization issues across directories, identity providers, and integrated applications
  • Support joiner / mover / leaver lifecycle processes across Active Directory and downstream applications
What we offer
What we offer
  • Competitive base salary + bonus on eligible positions
  • 22 days plus 7 major holidays and 1 floating holiday
  • Company match 401(k) plan
  • Online and retail discounts
  • Physical and mental health wellness programs
  • Daycare, cafeteria, fitness center, and coffee shop at our HQ
  • Inclusive culture with associate-led Business Resource Groups
  • Fulltime
Read More
Arrow Right

Senior Software Engineer, Frontend - Identity & User Security

Become an integral part of our Identity and User Security team, where you will p...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
airwallex.com Logo
Airwallex
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or above in Computer Science or a related engineering major
  • 5+ years of frontend development experience, including 2+ years specifically in frontend architecture
  • Have experience developing large-scale financial web systems
  • Proficient in HTML5, CSS3, ECMAScript 6+, and TypeScript
  • Proficient in React, VUE, Angular and corresponding technology stack
  • Strong knowledge of HTTP(s) protocols, RESTful specifications, and build tools like Webpack, Polyfull, Rollup.js
  • Expertise in Styled-Components, Emotion, or SCSS and frameworks like Material UI or Ant Design
  • Have experience building Backend-for-Frontend layers using Node.js
Job Responsibility
Job Responsibility
  • Build high-quality products using latest versions of React and TypeScript
  • Build micro-frontend web applications using domain-based design and Single SPA frameworks to ensure seamless integration
  • Leverage Apollo GraphQL as a Backend-for-Frontend (BFF) to build scalable and high-performance node service with simple and contact-based integration with backend
  • Partner with the design team to build our design system and common component libraries, benchmarking against industry standards like Material UI and Ant Design
  • Deliver NPM packages and library widgets with open source project to facilitate easy client integration
  • Leverage GCP, Aliyun K8S / Bucket CDN, and Cloudflare to deploy micro-frontends and Node.js services using GitLab CI/CD best practices
  • Adopt React Testing Library, Cypress, and Test Render to design high-quality unit test and e2e test with 80%+ coverage
  • Build no-code/serverless CMS systems for corporate and branding pages using Contentful and Next.js
  • Actively engage with the Frontend Guild, research cutting-edge technologies, and drive initiatives to build high-quality products and reduce technical debt
  • Fulltime
Read More
Arrow Right