×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Cloud Computing: Infrastructure & Operations

Identity & Access Engineer; IAM

Job in Salford, Manchester, Greater Manchester, M9, England, UK
Listing for: Finova Technologies Private Limited
Full Time position
Listed on 2026-06-16
Job specializations:
  • IT/Tech
    Cybersecurity, Cloud Computing: Infrastructure & Operations
Salary/Wage Range or Industry Benchmark: 80000 - 100000 GBP Yearly GBP 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Identity & Access Engineer (IAM)
Location: Salford

Identity & Access Engineer (IAM) – Manchester Based (3 Days Hybrid) About Finova

Finova is the UK’s largest financial services technology provider, supporting one in every five mortgages nationwide. Our agile, cloud-native solutions enable over 60 banks, building societies, specialist lenders, equity release providers and a network of 2,400+ brokers to stay ahead in a competitive market.

Built on open architecture and backed by deep industry expertise, our platform is designed to scale. Each year, we process over £50 billion in loans, manage nearly £50 billion in savings, and support the digital servicing of more than 650,000 UK borrower accounts.

Be part of a team that’s driving innovation, enabling growth and shaping the future of UK lending.

About the Role

Finova is seeking a seasoned IAM Specialist to own the design and implementation of identity, access, and entitlements across a multi-cloud SaaS fintech platform.

  • Core Responsibility: Translate architectural choices into practical, automated, and secure IAM implementations spanning workforce, customer, and machine identities.
  • The Stack: Multi-cloud infrastructure across AWS, Azure, and GCP
    . Applications run on .NET with SQL Server-backed role systems.
  • Key Challenge: Enforce tenant isolation and strict least-privilege to satisfy regulators, while defining cutting-edge access boundaries for AI pipelines, vector databases, and automated decision engines.
  • Work Model: A highly collaborative, hands-on hybrid role. You will balance high-level access modeling with day-to-day configuration, such as writing OPA Rego rules or configuring Azure AD Conditional Access policies.
About You

You are a highly analytical identity purist who recognizes that in a modern cloud ecosystem, identity is the actual security perimeter. You bridge the gap between application engineering, cloud infrastructure, and regulatory audit, acting as the subject matter expert on who—and what—has access to everything.

Key Attributes
  • The Structural Architect: You enjoy mapping complex business roles into clean, automated framework permissions, avoiding the technical debt of "privilege creep."
  • Code-Driven Security Advocate: You prefer policy-as-code over manual UI configurations, favoring auditable git repositories and continuous testing for authorization logic.
  • Pragmatic Problem Solver: You understand that security fails if it creates friction, meaning you are constantly looking for ways to use JIT elevation, automated provisioning, and SSO to make access seamless yet secure.
  • Rigorous Guard of Boundaries: You possess an uncompromising eye for isolation details, instinctively knowing how to defend against cross-tenant data leaks and broken access controls.
  • Experience: 4–6 years in IAM, security engineering, or identity-focused cloud engineering with hands-on enterprise deployment experience.
  • Entra : Deep practical knowledge of Azure AD (Entra ), encompassing app registrations, Conditional Access, PIM, and federation configurations.
  • Multi-Cloud

    Competency:

     Hands-on experience with at least two major cloud providers (AWS IAM, Azure RBAC, or GCP IAM) and operational familiarity with all three.
  • Application & DB IAM: Experience implementing RBAC/ABAC models within .NET applications (Claims, ASP.NET Identity) alongside practical SQL Server access management (roles, RLS, data masking).
  • Federation Protocols: Strong capabilities with SAML 2.0, OIDC, OAuth 2.0, and SCIM provisioning workflows.
  • Policy-as-Code

    Skills:

     Experience writing, testing, and deploying authorization policies (OPA/Rego, Azure Policy, or AWS SCPs) directly within a CI/CD pipeline.
  • Modern IAM Tooling: Familiarity with PIM/PAM, CIEM concepts, secretless Dev Ops access patterns (OIDC-based pipeline identity), and secrets managers (Azure Key Vault, Hashi Corp Vault).
  • SaaS Architecture Intuition: A strong understanding of multi-tenancy, with the ability to easily identify missing tenant contexts or authorization bypass vulnerabilities.
  • Communication: Ability to articulate complex identity structures and compliance mandates clearly to developers, architects, and non-technical auditors alike.
Nice-to-Have
  • Fintech

    Experience:

     Prior experience…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search