IAM Specialist Contract

Role: IAM Specialist
Duration: 7 months
Location: Abingdon – Hybrid
Rate: £55 per hour (Inside IR35)
Security Clearance: Must be eligible to undergo SC Clearance.

The IAM Specialist will be responsible for the hands-on implementation and configuration of UKAEA’s Identity Governance and Administration (IGA) platform. Working within the cyber security team, you will integrate the IGA solution with Microsoft Entra ID, connect authoritative sources (HR systems, contractor databases), and build joiner-mover-leaver (JML) processes with automated approval workflows.
This is a technically focused implementation role requiring deep expertise in IGA platforms and identity lifecycle management. You will work closely with HR, IT operations, and application owners to ensure identity data flows correctly and access provisioning meets business requirements.
Responsibilities
• Implement and configure the IGA platform (SailPoint, Saviynt, Omada, or similar) to meet UKAEA requirements
• Integrate the IGA solution with Microsoft Entra ID as the primary Identity Provider
• Connect authoritative sources (HR systems, contractor databases) to drive identity lifecycle
• Design and implement joiner-mover-leaver (JML) processes with automated provisioning and deprovisioning
• Build and configure approval workflows for access requests, role assignments, and exceptions
• Implement access certification campaigns and recertification processes
• Develop role mining and role-based access control (RBAC) models in collaboration with business owners
• Configure application connectors for target systems (AD, Entra ID, SaaS applications, on-prem systems)
• Implement segregation of duties (SoD) policies and access risk analytics
• Configure SSO and federation services using SAML, OAuth 2.0, OpenID Connect, and SCIM
• Support identity data quality management and remediation activities
• Troubleshoot provisioning failures, synchronisation issues, and connector errors
• Collaborate with application owners during onboarding to define access models and entitlements
• Maintain documentation of IGA configurations, workflows, and integration specifications
• Support audit and compliance activities with reporting and evidence gathering
Skills Required:
• Hands-on experience implementing IGA platforms (SailPoint, Saviynt, Omada, One Identity, or similar)
• Proven experience integrating IGA with Microsoft Entra ID / Azure AD
• Experience connecting authoritative sources (HR systems, databases) to IGA platforms
• Strong understanding of identity lifecycle management and JML process automation
• Experience building approval workflows and access request processes
• Knowledge of access certification, recertification, and attestation campaigns
• Understanding of RBAC modelling, role mining, and entitlement management
• Experience with application connector development and configuration
• Strong understanding of authentication protocols (SAML, OAuth 2.0, OpenID Connect, SCIM)
• Knowledge of directory services (Active Directory, LDAP) and hybrid identity
• Working knowledge of security frameworks: ISO 27001, NIST CSF
• Strong troubleshooting skills for provisioning and synchronisation issues
• Good documentation skills for technical configurations and runbooks