Lead Security Architect – Identity and Access Management (IAM)

Job Description:

Lead Security Architect – Identity and Access Management (IAM)

Permanent

London / Staines / Manchester (Hybrid Working)

We make health happen

At Bupa, our purpose is simple but powerful — helping people live longer, healthier, happier lives and making a better world. We’re a global healthcare provider and insurer with no shareholders, which means our customers come first in everything we do.

As our Lead Security Architect – IAM, you’ll play a key role in protecting the digital identities of our people, customers, and partners. You’ll help shape and deliver a secure, scalable, and user-friendly identity and access management strategy that supports our digital transformation and keeps our systems safe.

This is your chance to join a team that’s passionate about innovation, security, and making a real difference to people’s lives.

Key Responsibilities

As our Lead Security Architect – IAM, you’ll:

Define and maintain our enterprise IAM architecture, aligned with Zero Trust principles. Develop reusable design patterns and reference models for IAM services like identity lifecycle, RBAC/ABAC, SSO, MFA, and PAM. Lead the integration of IAM solutions across cloud, SaaS, and on-prem platforms including Azure, GCP, Kubernetes, and legacy systems. Evaluate and select IAM technologies such as Entra ID, Okta, CyberArk, and SailPoint. Design scalable identity governance and administration (IGA) solutions for staff, customers, and third parties. Collaborate with teams across Cybersecurity, Risk, Engineering, and Compliance to embed IAM controls. Stay ahead of emerging trends like decentralised identity and passkeys and guide architectural innovation. Provide expert consultancy during audits, incident response, and solution design. Support internal and external risk, compliance, and audit reviews.

What We’re Looking For

We’re looking for someone who brings deep technical expertise and a collaborative mindset. You’ll need:

7+ years’ experience in IAM, security architecture, or cloud engineering with a strong IAM focus. Proven experience designing and implementing enterprise IAM strategies. Strong knowledge of IAM governance, access reviews, and compliance frameworks. Hands-on experience with platforms like Azure AD, Okta, SailPoint, CyberArk, and BeyondTrust. Familiarity with identity protocols (SAML, OAuth2, OpenID Connect) and Zero Trust models. Experience with hybrid and multi-cloud environments, including Kubernetes and SaaS integrations. Relevant certifications (e.g. SC-300, CIAM, CISSP, CCSP, SABSA) are a plus. Excellent communication skills — able to explain complex ideas to technical and non-technical audiences. A passion for continuous improvement and a proactive approach to problem-solving.

Benefits

Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family-friendly benefits.

Joining Bupa in this role, you’ll receive the following benefits and more:

25 days holiday, increasing through length of service, with the option to buy or sell Enhanced parental leave Company-matched pension scheme Annual performance-based bonus Private medical insurance Access to our health assessments and wellbeing services Discounts on Bupa products and services

Why Bupa

We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.