×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security Information Security

Lead, Security Controls Specialist, IAM

Job in Nottingham, Nottinghamshire, NG1, England, UK
Listing for: LSEG
Full Time position
Listed on 2026-01-10
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Information Security
Job Description & How to Apply Below

Overview

We are looking for a dynamic and influential Lead, Security Controls Specialist to lead our Cybersecurity Governance & Audit function with a solid focus on Identity and Access Management (IAM). This is a high-impact role at the intersection of cybersecurity, compliance, and identity governance, ideal for a seasoned professional who thrives in complex, regulated environments.

You will be responsible for shaping and maturing our cybersecurity governance framework, leading external audit and regulatory engagements, and serving as a trusted advisor to both internal and external stakeholders. You will play a critical role in articulating our IAM architecture and control posture to clients, auditors, and regulators, ensuring transparency, assurance, and continuous improvement.

The ideal candidate brings deep expertise in IAM governance, Privileged Access Management (PAM), and Identity Governance and Administration (IGA), along with the confidence to challenge evidence, defend control design, and drive audit readiness across the enterprise.

Key Responsibilities
  • Governance & Compliance
    • Lead the development, implementation, and continuous improvement of cybersecurity governance frameworks, policies, and standards.
    • Ensure alignment with regulatory requirements (e.g., ISO 27001, NIST, GDPR, SOX).
    • Drive policy adoption and compliance across business units and technology teams.
  • Audit Management
    • Own the end-to-end process for external cybersecurity and identity-related audits, including planning, coordination, evidence collection, and response to observations.
    • Act as the main point of contact for external auditors, regulators, and third-party assurance teams.
    • Support client audits and due diligence activities by articulating the organisation’s IAM architecture, controls, and operational processes.
    • Review and challenge audit evidence to ensure accuracy, completeness, and relevance.
    • Track and manage audit findings, ensuring timely remediation and closure.
    • Collaborate with internal teams to ensure audit readiness and continuous improvement of control environments.
  • IAM Governance
    • Lead the strategic development and continuous improvement of IAM governance frameworks, ensuring alignment with enterprise security architecture and zero trust principles.
    • Define and enforce policies for identity lifecycle management, access provisioning/deprovisioning, and role engineering across hybrid environments (cloud/on-prem).
    • Oversee technical governance of PAM and IGA platforms, including integration with SIEM, ITSM, and HR systems.
    • Drive automation and analytics in IAM processes to improve efficiency, reduce risk, and support audit readiness.
    • Collaborate with IAM engineering and operations teams to ensure secure implementation of access controls, including API-level enforcement and dynamic access policies.
    • Establish and monitor IAM governance KPIs (e.g., access review completion rates, orphaned accounts, SoD violations) and report to senior leadership.
  • Risk & Controls
    • Oversee the design and effectiveness of cybersecurity controls across the organisation.
    • Conduct control assessments and gap analyses to identify areas of improvement.
    • Collaborate with internal teams to define and implement risk mitigation strategies.
  • Stakeholder Engagement
    • Build strong relationships with internal and external stakeholders, including IT, Legal, Risk, Business Units, clients, auditors, and regulators.
    • Represent the IAM function in external forums, including regulatory reviews, client assurance meetings, and third-party risk assessments.
    • Provide clear, concise, and actionable reporting to senior leadership and governance committees.
    • Educate and influence stakeholders on cybersecurity governance, IAM architecture, and audit readiness.
Required Skills & Experience
  • Proven experience (7+ years) in cybersecurity governance, risk, and audit within a complex enterprise environment.
  • Strong understanding of audit methodologies and regulatory frameworks (ISO 27001, NIST). Deep technical understanding of IAM architecture, protocols (SAML, OAuth, OpenID Connect), and directory services (LDAP, AD, Azure AD).
  • Experience designing and implementing scalable IAM solutions in complex,…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search