Job Specifications
AVEVA is creating software trusted by over 90% of leading industrial companies.
Job Title: IDAM Engineer
Location: Cambridge/ London
Employment Type: Full Time
The Job
AVEVA are looking for an Identity and Access Management (IDAM) focused Engineer with a strong background in engineering hybrid Windows platforms to join our growing team. The AVEVA IT team is dedicated to securing access to AVEVA’s platforms. The IDAM Engineer will be responsible for delivering and maintaining modern and legacy infrastructure required to support a rapidly growing software company. You will play a crucial role in furthering the security posture of the organisation through a combination of technical hands-on work and collaboration with cross-functional engineers to drive transformational security projects.
This role requires a strong focus on automation of IAM processes, including automating all types of IAM requests raised in tools such as ServiceNow or Jira, and ensuring reports and data extractions are automated rather than manually generated. The engineer must also have experience using AI tools to optimise day-to-day tasks and reporting, expertise in engineering Joiner-Mover-Leaver (JML) processes, and experience with SailPoint or similar identity governance platforms. Additionally, the role requires experience supporting Microsoft Exchange or other mail services.
Key Responsibilities
Maintain and monitor IAM and Messaging systems, including Microsoft Exchange
Operate and maintain multi-site Active Directory domains & forests, inclusive of cloud infrastructure components within Microsoft Azure
Adhere to and develop guidelines/processes for deploying, monitoring, maintaining, and documenting essential infrastructure services
Respond to critical issue occurrences to resolution
Provide accurate, complete, and up-to-date diagrams and documentation of systems architecture
Provide level 2 support and coordinate as needed with technology vendors (performing diagnosis on incidents, implementing standard changes to the infrastructure)
Troubleshoot and manage the resolution of issues relating to identities, systems, access, accounts, authentication, authorisation, entitlements, and permissions
Work in concert with security teams to harden infrastructure systems and monitor for malware and unauthorised access
Manage Exchange Online and Hybrid Exchange environments, including mail flow, connectors, and transport rules.
Configure and maintain mailbox policies, anti-spam/phishing policies via Defender for M365, secure mail routing and email encryption.
Automate IAM request fulfilment workflows raised in ServiceNow or Jira to improve efficiency and accuracy
Implement automation for reporting and data extraction to ensure audit readiness and reduce manual effort
Engineer and optimise JML processes to ensure secure and efficient identity lifecycle management
Leverage AI-driven solutions for operational tasks, troubleshooting, and reporting
Essential Skills And Experience
A solid foundation in Microsoft security policies and configurations spanning Microsoft cloud services (SaaS/PaaS), IAM, and Privilege Access Management domains
A strong understanding of industry-standard SSO technologies and authentication methods (OpenID Connect, SAML, OAuth, Kerberos, LDAP, etc.)
Production-level experience implementing and supporting Microsoft security infrastructure
Deep understanding of mail flow and email security solutions (DKIM, SPF, DMARC)
An eagerness to produce scalable and repeatable security practices through automation
Demonstrated experience managing and securing Azure resources using code-driven methods
A broad knowledge and understanding of the cyber security threat landscape
Significant and proven experience of dealing with IDAM systems incidents and associated response measures
Experience with Microsoft Exchange or other enterprise mail services
Proven experience managing an Exchange Hybrid environment with Defender for M365
Experience with SailPoint or similar identity governance platforms
Expertise in engineering JML processes
Experience with AI technologies and ability to apply AI-driven solutions in operational workflows
Desirable Skills And Experience
At least 2 years of professional experience in IAM-focused roles delivering security in cloud-native, distributed architectural solutions in complex environments
Knowledge and/or a proven record of success in the following areas:
Continuous integration, development and testing practices and DevOps tools
Familiarity with scripting languages, such as PowerShell and Python, to automate IDAM tasks
At least 2 years of professional experience in M365 administration with a focus on Exchange Hybrid and Teams Enterprise Voice management.
Bachelor’s degree in Computer Science, Engineering, Mathematics, or related field; or equivalent combination of education/professional experience
Relevant technical certifications a plus
Strong ability to communicate with both technical and non-tec
About the Company
AVEVA is a global leader in industrial software, sparking ingenuity to drive responsible use of the world's resources. The company's secure industrial cloud platform and applications enable businesses to harness the power of their information and improve collaboration with customers, suppliers and partners.
Over 20,000 enterprises in over 100 countries rely on AVEVA to help them deliver life's essentials: safe and reliable energy, food, medicines, infrastructure and more. By connecting people with trusted information and A...
Know more