Identity and Access Management Security Engineer (IAM)

Flo
London
5 months ago
Applications closed

Related Jobs

View all jobs

Security Architect

Cyber Security Software engineer

Technical Security Consultant / Presales

Solutions Architect - Technology

CyberArk IAM Engineer

Product Owner - IAM

The Job

Identity and Access Management (IAM) is a foundational security domain, sitting at the perimeter of everything we do, ensuring that only authorised entities can appropriately access company systems and user data is an essential protection, compliance and assurance cornerstone. We are seeking a skilled Identity and Access Management Engineer to join the IT Engineering team at FloHealth. You will work on implementing improvements to our IAM programme, integrating IAM solutions using scripting and automation to achieve scalable and efficient IAM practices and running and maintaining the programme from a technical standpoint . You will be familiar with Infrastructure as a Code and have strong experience of working with Okta. Your role will involve managing and enhancing the IT experience within our application landscape. At Flo Health, we are committed to delivering the best solutions possible.What you'll be doingYou'll be responsible for:Work with key stakeholders, including the VP Security, Director Cloud Engineering and Director IT to support the ongoing improvement of Flo’s IAM strategy and policy, looking holistically at IAM, you will have a complete picture view across enterprise, development and cloud service environments.  Work with the Security Team to execute the IAM Governance Model, Privileged / User Access Reviews (PUAR/UARs).  You will have a deep understanding of IDP / SSO / Authentication tools, and will manage integrations between systems and environments.  Manage the full identity lifecycle.  Manage and maintain documented access rules, ensuring that segregation of duties and least privilege principles are embedded within access rules.  Maintain documented IAM processes and procedures. Engage in the planning, designing, development, and testing of systems or applications, both for software enhancements and new products, which may include cloud-based or internet-related tools. Act as an escalation point and mentor for IT Engineers, adept at resolving technical issues pertaining to user identities and access management. Drive continuous improvements, actively participating in projects and service enhancements. Provide expert insights into the design of strategic initiatives, ensuring efficiency and reliability at a large scale. Ensure the reliability, resilience, security, and compliance of all business process automation. Collaborate with vendors throughout the development, installation, and troubleshooting of application systems and software to enhance the performance of supported applications. Fulfil the role of a technical point of contact, delivering IT solutions and applications based on defined architecture and requirements. Analyse requirements, conduct tests, and facilitate the seamless integration of application components. Ensure successful implementation of system improvements. Streamline processes and policies through automation.Your ExperienceMust have:Extensive knowledge of Identity and Access Management, including RBAC/ABAC concepts and operating policies. Customer-first mindset with an ownership mentality. System Administrator or Enterprise Applications Engineer with 5+ years of experience. Advanced skills in managing systems via Google Workspace, Okta Workflow, Jira Automation, Slack, and other industry-leading SaaS solutions. Experience with implementing and maintaining Zero-Trust concepts and policy enforcement. Understanding Terraform for Infrastructure as Code (IaC) automation in CD/CI and VCS environments. Understanding and experience using or deploying device-based trust applications (Okta Verify, Google Beyondcorp, Cloudflare Zero Trust, etc). Impeccable technical documentation and KB writing skills. Work independently and organised, with the ability to prioritise a busy workload. Skilled in collaborating effectively with cross-functional team members to address dependencies and ensure customer needs are met. Advanced level of thorough technical troubleshooting experience.Nice to have:Network and firewall knowledge. Familiarity with identity governance administration concepts (IGA). Deep understanding of Information Technology and Security-related best practices to ensure integrity and protection. Working in a security-certified environment (e.g.SO 27001, SOC2, PCI DSS).  Promote technology innovation by identifying and researching existing/available or new and relevant technologies. #LI-Hybrid #LI-LM12 Salary Range - gross per month€6.000—€12.000 EUR

Ranges may vary depending on your skills, competencies and experience.

Reward

People perform better when they’re happy, paid well, looked after and supported. 

On top of competitive salaries, Flo's employees have access to:

A flexible working environment with the opportunity to come into the office and work from home Company equity grants through Flo’s Employee Share Option Plan (ESOP) Paid holiday and sick leave  Fully paid female health and sick leave, in addition to holiday and regular sick leave
Workations - an opportunity to work abroad for two months a year Six months paid maternity leave, and one months paid paternity leave (subject to qualifying conditions) inclusive of same-sex and adoptive parents Career growth, progression, and learning development resources Annual salary reviews Unlimited free premium Flo subscriptions A whole host of other benefits (health/pension/social schemes)

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Cybersecurity Leadership for Managers: Strategies to Motivate, Mentor, and Set Realistic Goals in Threat-Driven Environments

In an era of rapidly increasing data breaches, ransomware attacks, and corporate espionage, the importance of robust cybersecurity cannot be overstated. Protecting digital assets has become as essential as safeguarding physical resources, and organisations worldwide rely heavily on specialised teams to defend against sophisticated cyber threats. However, even the most advanced tools and techniques are only as effective as the leadership guiding their use. Cybersecurity leadership requires a dynamic blend of technical know-how, strategic thinking, and people-management skills to maintain readiness against ever-evolving threats. This article is designed for professionals aiming to lead cybersecurity teams or transition into managerial roles where understanding how to motivate, mentor, and set realistic goals is paramount. With insights into building high-performing teams, fostering collaboration, and embracing continuous learning, you’ll be equipped to protect your organisation from a broad spectrum of cyber risks.

10 Must-Read Cyber Security Books for UK Professionals: Boost Your Career and Stay Ahead of Threats

With rapid advancements in digital infrastructure, cloud computing, and the Internet of Things (IoT), cyber threats continue to evolve at lightning speed. For organisations across the UK—and globally—robust cyber security is no longer optional: It’s a strategic imperative. From healthcare and finance to government agencies and tech start-ups, every sector needs skilled professionals to safeguard critical data and protect users. If you’re looking to break into or advance within the cyber security industry, staying updated on the latest techniques, threat landscapes, and defence strategies is paramount. One of the best ways to build and sharpen your expertise is by reading authoritative, high-quality books that combine foundational knowledge with cutting-edge insights. In this guide, we’ve compiled a list of ten books that cater to various skill levels, spanning ethical hacking and threat intelligence to secure software development and cryptography. By diving into these resources, you’ll fortify your understanding of cyber security fundamentals, explore hands-on techniques for defending systems, and gain the strategic perspective needed to excel in roles throughout the UK’s thriving cyber security landscape.

Navigating Cybersecurity Career Fairs Like a Pro: Preparing Your Pitch, Questions to Ask, and Follow-Up Strategies to Stand Out

In a world where digital threats are escalating and online infrastructure underpins nearly every aspect of our personal and professional lives, cybersecurity has swiftly become one of the most sought-after career fields. Demand for skilled cybersecurity professionals outstrips supply, both in the UK and globally. From ethical hackers and penetration testers to governance, risk, and compliance (GRC) specialists, the opportunities are extensive—and lucrative. Amidst this surge in demand, cybersecurity career fairs provide an invaluable chance to meet potential employers face-to-face, gain industry insights, and make connections that can accelerate your career trajectory. Unlike applying to countless jobs online, these events bring companies, security leaders, and aspiring candidates together under one roof. When approached with the right strategy, a single conversation at a cybersecurity fair can open the door to your dream job. In this comprehensive guide, we’ll explore how to prepare thoroughly, engage confidently, and follow up effectively after a cybersecurity career fair. By incorporating these insights into your approach, you’ll stand out from the crowd and maximise your chances of securing the perfect role in this fast-growing field.