Cyber Security IdAM Senior Specialist

Based at least 2 days a week in our Bath Head Office as our new Cyber Security IdAM Senior Specialist, you will report to the Cyber Security Engineering Team Leader. You will develop the Cyber Security Identity and Access Management (IdAM) functions, deliveries and continuous improvement of identity security across the organisation.

You will ensure identity security operates as a strategic control pillar rather than a reactive support function.

What you'll do

The Cyber Security IdAM Senior Specialist drives the operational effectiveness, resilience and continuous improvement of the organisation's Identity and Access Management capabilities. The role ensures robust access control, secure authentication standards and regulatory alignment across on-premises, cloud and hybrid environments.

It provides senior technical authority in identity security, working across IT, security, governance and business teams to embed best practice, reduce identity-related risk exposure and enhance the organisation's overall security posture.

In particular, you will:

• investigate and resolve identity-related security incidents, including unauthorised access, privilege misuse and credential compromise
• develop and refine SIEM detection use cases and identity-centric analytics to enable earlier identification and containment of threats
• drive adoption of evolving identity security practices, including Zero Trust principles, modern authentication standards and identity analytics
• deliver roadmap enhancements to ensure IdAM capabilities remain aligned to the threat landscape and business risk profile
• where designated, act as technical service owner for key security platforms, ensuring performance, resilience and continual optimisation
• oversee monitoring and analysis of identity telemetry, authentication patterns and privilege usage to detect anomalous behaviour and systemic risk
• provide clear, risk-focused reporting and recommendations to senior management, supporting informed decision-making and prioritisation of remediation efforts
• provide authoritative identity security input into projects, architectural design reviews and technology implementations
• ensure new systems, integrations and application deployments align with enterprise authentication, authorisation and lifecycle standards
• maintain and continuously improve secure configuration baselines across identity infrastructure, including both cloud and on-premise environments
• lead optimisation and hardening of enterprise IdAM platforms, including privileged access controls, identity governance and directory security
• oversee access governance activities, including periodic access reviews, privilege rationalisation and enforcement of least-privilege principles
• identify and remediate systemic identity risk through conditional access enforcement, legacy protocol reduction, authentication strengthening and directory security enhancement
• produce and maintain high-quality documentation, including standards, procedures, runbooks and post-incident reports
• provide identity risk metrics and performance insight to support operational planning and strategic decision-making
• provide senior technical guidance and mentorship to analysts, engineers and apprentices, building identity security capability within the team
• act as a trusted advisor on identity and access matters across the business, balancing security requirements with operational practicality
• provide considered, proportionate guidance where security deviations are identified, ensuring remediation without unnecessary disruption
• promote a culture of shared accountability for identity security, strengthening collaboration between technical and business stakeholders.

What you'll need

Essential areas of expertise include:

• advanced working knowledge of enterprise security tooling, including PAM, IAG, SIEM, EDR, and NDR platforms, with the ability to design detection logic, tune telemetry and optimise signal-to-noise ratios in complex environments
• advanced working knowledge of enterprise IdPs such as AD and Entra ID
• proven ability to mentor, coach and uplift junior security professionals and apprentices, fostering technical growth, operational discipline and investigative capability
• extensive experience analysing, investigating and responding to security events within cloud environments, including identity abuse, privilege escalation and control bypass scenarios
• extensive experience analysing and responding to threats within on-premise infrastructure, including directory services, legacy authentication protocols and lateral movement techniques
• demonstrated commitment to continuous improvement of security posture, proactively identifying control gaps and driving measurable remediation
• highly developed written communication skills, including production of policies, standards, technical documentation, post-incident reports and executive-level summaries
• strong verbal communication skills, with the ability to articulate complex technical risks in a clear, proportionate manner to both technical and non-technical stakeholders
• ability to operate effectively across multi-disciplinary teams, influencing infrastructure, development, OT, governance and business stakeholders to embed secure practices
• comprehensive knowledge of security protocols, authentication mechanisms, cryptographic standards and modern access control technologies
• strong understanding of adversary tactics, techniques and procedures (TTPs), including application of frameworks such as MITRE ATT&CK and MITRE ATT&CK for ICS to enhance detection engineering and defensive resilience.

What you'll receive

• A combined pension contribution of up to 20%.
• Career progression and professional development opportunities.
• 25 days' holiday rising to 28 with length of service.
• The opportunity to sell up to five days of holiday every year.
• The opportunity to buy up to ten days of holiday each year (subject to conditions).
• A healthcare package that allows you to claim back healthcare costs.
• Life assurance of up to eight times your salary.
• The opportunity to lease a new electric car through salary sacrifice (subject to conditions).
• Cashback and discounts from more than 3,000 retailers.
• One paid volunteering day each year.
• Enhanced family leave and pay arrangements.
• Access to an interactive health and wellbeing platform.
• Support from trained mental health first aiders.
• A £1,000 referral fee if you recommend someone who is successfully recruited by us. 

Who we are

YTL UK is part of the international YTL Group based in Kuala Lumpur. The UK companies include:

• Wessex Water – one of the top-performing water and sewerage companies in England and Wales, serving 2.9 million people across the South West
• YTL Developments – a major UK developer currently redeveloping a 350-acre former airfield into an award-winning, exciting mix of houses, apartments, schools, commercial space, restaurants and hotels, to make a truly sustainable new community
• YTL Construction UK – a top 20 UK contractor providing fully integrated services to infrastructure, residential, commercial, industry, energy and environmental sectors
• YTL Live – the development and operation of an entertainment complex that includes a 20,000 capacity arena, conferencing and exhibition space
• plus a number of other retail, environmental and specialist businesses.

Our people tell us that YTL UK is a great place to work, which is why so many of them stay with us! You will have a unique opportunity to develop and progress your career within such a diverse group.

We are passionate about diversity and inclusion – with that in mind, all applicants are welcome. We are delighted to have signed the Armed Forces Covenant and are a Disability Confident Employer.

If you require reasonable adjustments to be made during the recruitment process, please inform a member of our Recruitment team.