IAM Engineer

Senior IAM Engineer (Identity and Access Management)

400057176

FULL_TIME

Other

Permanent

London Store Support Centre and Home, Sainsbury's Supermarkets Ltd 33 Charterhouse Street, London Greater London, EC1M 6HA

Competitive Plus Benefits

2026-04-14 15:49:42

https://hdhe.fa.em3.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX/jobs/preview/400057176/apply/email?mode=location

Back to search

Senior IAM Engineer (Identity and Access Management)

Salary: Competitive Plus Benefits Location: London Store Support Centre and Home, London, EC1M 6HA Contract type: Permanent Business area: Sainsbury's Tech Closing date: 21 April 2026 Requisition ID: 400057176

We’d all like amazing work to do, and real work-life balance. That’s waiting for you at Sainsbury’s. Think about the scale it takes for us to feed the nation. The level of data, transactions and variety it involves. Then you’ll realise that ours is a modern software engineering environment because it has to be. We’ve made serious investment into a Tech Academy and into setting standards and principles. We iterate, learn, experiment and push ways of working such as Agile, Scrum and XP. So you can look forward to awesome opportunities in everything from AI to reusable tech.

Essential Criteria

• Proven experience applying Identity & Access Management (IAM) principles including Authentication, Authorisation, Access control models (RBAC / ABAC / PBAC), identity lifecycle management (Joiners / Movers / Leavers) and Zero Trust.

• Hands-on experience designing or leading AI driven initiatives within IAM or Cybersecurity.

• Strong ability to analyse identity telemetry (audit logs, sign in logs, access data) and translate insights into actionable improvements

• Extensive hands-on experience with Microsoft Entra ID (Azure AD), including:

• Users, Groups (static & dynamic), roles, service principals, app registrations

• Directories, Tenants, Objects, and Attribute Structures

• Conditional Access policies, SSPR, Access Packages, MFA and Passwordless authentication (e.g. Windows Hello for Business, FIDO2)

• Identity governance activities including Access reviews, Entitlement Management and access control models.

• MS and 3rd party Agentic AI agents governance and lifecycle management.

• Solid engineering experience in Active Directory:

• User and group management, OU design, Group Policy Objects (GPOs), LDAP

• Hybrid identity integration (Azure AD Connect / Cloud Sync)

• Tiering Model and Domain Controller full recovery

• Experience working with Identity Governance tooling such as Saviynt / SailPoint or any other similar product.

• Ability to define AI use cases and requirements aligned to Agent identity governance, Agent lifecycle management, designing controls for effective risk reduction

• Strong understanding of identity threat landscape and how AI can be applied to detect and mitigate risks

• Experience in gathering high level technical requirements, discuss with stakeholders to break it down to detailed requirements along with timeline and communicate to the engineers

• Experience mentoring or coaching engineers, provide technical advice to the team and contributing to team standards and best practices

• Work with Engineering and Product Manager to deliver technical milestones in line with product and business strategy.

• Work collaboratively with IT, product teams, Security Operations Centre, Security Analysts, Security Architects and end users to support IAM solutions and to ensure secure delivery, safeguarding both colleague and customer data.

• Exhibit excellent communication and presentation skills, able to convey complex issues and findings clearly and effectively.

• Demonstrates a strong technical mindset with the ability to analyse complex IAM and AI challenges, make sound architectural and engineering decisions, and proactively remove technical or organisational blockers to enable effective and timely delivery.

• Maintains a commitment to continuous learning while building strong, trusted relationships with technical teams, security partners, and business stakeholders to drive collaboration, capability uplift, and shared ownership of outcomes.

Additional Criteria

• Experience using AI and machine learning concepts to analyse identity related data (e.g. sign in logs, access patterns, usage trends)

• Knowledge of AI assisted automation use cases within IAM:

• Access or sign in anomaly detection

• Risk based access decisions

• Intelligent access reviews or entitlement recommendations

• Experience with Microsoft security and analytics tools (e.g. Entra ID logs, Azure Monitor, Log Analytics, Sentinel).

• Understanding of ethical AI and responsible use of AI, especially in security sensitive and personal data contexts.

• Exposure to Privileged Access Management (PAM) solutions and rolebased privileged access

• Familiarity with data governance, data quality, and information security principles, particularly where AI models consume identity data.

• Strong focus on security, governance, and continuous improvement

• Relevant professional certifications (or actively working towards), such as:

• Microsoft Identity or Security certifications

• AI / data analytics certifications

• CISSP, CISM, or equivalent

We are committed to being a truly inclusive retailer, so you’ll be welcomed whoever you are and wherever you work. Around here, there’s always the chance to try something new - whether that’s as part of an evolving team or somewhere else across the business - and we take development seriously and promise to support you. We also recognise and celebrate colleagues when they go the extra mile and, where possible, offer flexible working. When you join our team, we’ll also offer you an amazing range of benefits. Here are some of them:

Starting off with colleague discount, you'll be able to get 10% off at Sainsbury's, Argos, TU and Habitat after 4 weeks. This increases to 15% off at Sainsbury’s every Friday and Saturday and 15% off at Argos every pay day. We've also got you covered for your future with our pensions scheme and life cover. You'll also be able to share in our success as you may be eligible for a performance-related bonus of up to 20% of salary, depending on how we perform.

Your wellbeing is important to us too. You'll receive an annual holiday allowance, and you can buy additional holiday. We also offer other benefits that will help your money go further such as season ticket loans, interest free car loan of up to £10k, cycle to work scheme, health cash plans, pay advance (where you can access some of your pay before pay day) as well access to a great range of discounts from hundreds of other retailers. And if you ever need it there is also an Employee Assistance Programme, you will also be eligible for private healthcare too.

Moments that matter are as important to us as they are to you which is why we give up to 26 weeks’ pay for maternity or adoption leave and up to 4 weeks’ pay for paternity leave.

Please see www.sainsburys.jobs for a range of our benefits (note, length of service and eligibility criteria may apply).

Want to learn more about our teams?

Visit our teams page

back to top