A leading global hedge fund is seeking an experienced Identity and Access Management Engineer with extensive hands-on experience designing and implementing modern identity solutions. This role focuses on advancing the firm’s IAM capabilities to support innovation, agility, and strong security foundations across a complex technical environment.

Working with a diverse set of stakeholders - including developers, researchers, and infrastructure teams - the successful candidate will operate as a bridge between security and engineering, turning strategic security objectives into scalable, practical solutions. This is a deeply technical, engineering-driven role, requiring strong low-level IAM expertise and the ability to design and build identity platforms rather than solely define governance or policy.

Key Responsibilities:
*Design and implement modern IAM platforms, ensuring scalability, resilience, and security from the ground up.

*Secrets management solutions for applications, services, and infrastructure-covering secure storage, rotation, access control, and auditing.
*User-to-service and service-to-service authentication systems, built on modern, standards-based methods.
*Standards-compliant identity providers and federated identity services (e.g., OAuth 2.0, OpenID Connect, SAML) to support consistent, secure authentication across the organisation.
*Authorisation frameworks including fine-grained and policy-driven access models aligned with least-privilege and zero-trust principles.

*Promoting IAM standards, reusable patterns, and reference architectures to streamline secure adoption across engineering and infrastructure teams.

*Translating complex identity and security risks into actionable guidance for technical stakeholders.
*Continuously maturing IAM capabilities, identifying gaps, and driving ongoing improvements aligned with evolving technology needs.
*Contributing to broader security domains-such as cloud security, application security, and platform security-where identity acts as a core control.
Required Qualifications:
*5+ years of hands-on experience in IAM engineering or security engineering, with a focus on building and operating identity platforms in production settings.
*Recent experience implementing secrets management, authentication systems, and authorisation solutions using modern, standards-based approaches.
*Strong understanding of IAM architecture, identity protocols, and foundational security design principles.
*Ability to troubleshoot complex identity flows and deep understanding of modern IAM technologies and low-level mechanics.
*Strong grasp of security best practices, attack patterns, and identity-related threats across applications, platforms, and cloud environments.
*Broader systems knowledge-including Linux/Unix, networking fundamentals, containerisation/Kubernetes, and cloud security concepts.
*Ability to translate complex risks into clear, actionable guidance for varied stakeholders.
*Ability to read and write Python.
*Degree in Engineering, Computer Science, or another STEM field.
Nice to Have:
*Experience using infrastructure-as-code or security-as-code tooling (e.g., Terraform, Ansible), particularly for IAM, secrets management, or policy automation.
*Advanced coding ability across multiple programming languages.
*Background in high-performance engineering environments, research-driven teams, or settings requiring careful security trade-offs