Identity & Access Management (IAM) / Privileged Access Management (PAM) Engineer
Belfast - Centre of Excellence | High-Growth Digital Asset Organisation
Ocho is delighted to partner with a high-growth international organisation as they establish a brand-new strategic presence in Belfast. Headquartered in Singapore and recognised as one of Asia's leading digital-asset partners, this organisation enables institutions to seamlessly integrate digital assets into their portfolios with confidence, clarity, and security.
Entering the Northern Ireland market for the first time, the business is creating a Belfast-based Centre of Excellence focused on security, engineering, and operational excellence. This is a rare opportunity to join at ground level, influence the direction of a major expansion, and shape the future of digital-asset security.
The Role
As an IAM/PAM Engineer, you will design, build, and manage the organisation's Identity and Access Management and Privileged Access Management solutions across both on-premise and cloud environments. You'll play a key role in strengthening security posture, meeting global regulatory requirements, and driving operational maturity as the Belfast team scales.
Key Responsibilities
Design, develop, implement, and maintain IAM & PAM solutions across on-prem and cloud workloads.
Support IAM/PAM onboarding and offboarding processes, improving user experience and reducing onboarding timelines.
Recommend enhancements to existing IAM architecture to counter evolving cyber-security threats.
Ensure IAM/PAM compliance with regulatory frameworks (e.g., MAS, FSRA) and maintain associated policies, standards, and guidelines.
Drive IAM/PAM audit, governance, and regulatory activities.
Perform IAM/PAM administration, including access provisioning/deprovisioning, SSO/MFA initiatives, and cloud IAM adoption.
Conduct periodic access reviews and attestations.
Follow established change-management processes.
Create and maintain detailed documentation, SOPs, and configuration records.
Collaborate with cross-functional teams and external vendors to deliver solutions.
Contribute to and support wider IT projects.
Requirements
Strong understanding of IAM principles and Zero Trust frameworks.
Familiarity with compliance standards such as ISO 27001, NIST 800-53, GDPR, SOX, and PDPA.
4+ years of hands-on experience designing and implementing IAM & PAM solutions using tools such as SailPoint, Okta, CyberArk, or similar.
Expertise in Active Directory and Azure Active Directory (Entra ID): user/group management, OUs, GPOs, password policies, federation technologies (ADFS, SAML), LDAP, Kerberos, trusts, and replication.
Strong knowledge of authentication and authorisation technologies (MFA, SSO, OAuth 2.0, SAML, OIDC, Okta, PingFederate, Entra ID).
Experience with PAM, PIM, JIT/JEA, JML workflows, and tools such as CyberArk or BeyondTrust.
Scripting capability with PowerShell, CLI, Bash, etc.
Confident in vendor management and ensuring timely delivery of solutions.
Adaptable, proactive learner who keeps up with evolving IAM/PAM technologies.
Strong analytical and problem-solving skills.
Excellent communication skills, able to explain technical concepts clearly to diverse audiences.
Nice to have: Relevant certifications such as Certified Identity and Access Manager (or equivalent).
Chris has proudly worked in the Tech recruitment industry for over 20 years, successfully delivering on challenging IT recruitment campaigns in global IT software companies in the US, UK, and Ireland. If you would like a discussion on how we can support your career or hiring needs, please get in touch