Lead IAM Technical Architect

On behalf of UKRI, we are looking for a Lead IAM Technical Architect (Inside IR35) for a 9 Month Remote contract with occasional visits to Swindon.

UK Research and Innovation (UKRI) is the national funding agency investing in science and research in the UK.

Role Summary

Lead IAM Technical Architect responsible for defining and delivering the enterprise identity architecture for UKRI, establishing identity as the primary security control plane across services.

The role combines cross-programme IAM design authority with secure-by-design, risk-led decision making, providing leadership across multiple IAM project workstreams and stakeholder groups.

Key Responsibilities
Define and govern the target-state IAM architecture, covering:

1 Identity verification and assurance

2 Identity governance & life cycle (IGA/JML)

3 Authentication and access management (AM)

4 Privileged access (PAM)

5 Customer and citizen identity (CIAM)

6 Non-human/machine identity (NHI/MIM)

7 Federation and identity trust models
. Lead end-to-end IAM solution design across programmes, ensuring alignment with enterprise architecture and UK Government standards
. Provide design authority and architectural assurance, ensuring solutions are secure, scalable, and aligned to organisational strategy
. Embed secure-by-design principles, integrating identity into risk-based access control and Zero Trust models
. Define identity life cycle and governance controls, including provisioning, access review, and deprovisioning
. Design integration and federation patterns, enabling secure identity exchange across UKRI, partners, and suppliers
. Develop transition architectures and migration strategies from Legacy identity services
. Deliver a phased IAM roadmap aligned to Discovery, Alpha, and enterprise rollout
. Engage senior stakeholders and provide technical leadership and advisory support across business and technology teams

Deliverables
. Enterprise IAM target architecture and design blueprint
. Current-state IAM assessment and risk analysis
. Identity governance and life cycle (IGA) operating model
. Authentication and access management design (including MFA/passwordless)
. Privileged access management control model
. Identity integration and federation architecture
. Transition and migration architecture
. Phased delivery roadmap with defined outcomes and milestones

Outcomes
. Delivery of Zero Trust capabilities
. Identity governance and compliance improvements
. Risk reduction across access control and identity life cycle
. Reduce the risk of increased exposure to:

1 Identity-related security risks

2 No compliance audit and regulatory findings

3 Fragmented and inconsistent IAM solutions

Specific skills required for the role

Technical and Architecture Expertise
. Enterprise IAM architecture across IGA, AM, PAM, CIAM, federation, and NHI/MIM
. Strong experience in Zero Trust architecture and identity-driven access control
. Design of identity life cycle governance models and audit controls
. Integration and migration architecture across Legacy and modern platforms

Experience with platforms such as:
. Entra ID
. AWS Cognito
. IGA and PAM tooling

Security and Risk Capability
. Strong understanding of modern authentication and assurance models
. Experience embedding risk-based access controls and policy-driven identity
. Ability to translate risk into pragmatic architectural controls

Delivery and Leadership
. Proven delivery of large-scale IAM transformations
. Stakeholder engagement across business, security, and technical domains
. Ability to lead multi-team and supplier delivery environments
. Experience delivering phased roadmaps with measurable outcomes

Desirable
. Experience with UK Government identity services (eg GOV.UK One Login)
. Knowledge of ISO/IEC 24760, NIST SP 800-63, and NCSC guidance
. Experience in public sector or federated research environments

Please be aware that this role can only be worked within the UK and not Overseas.

In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".