Enterprise Cloud Identity Architect

Enterprise Cloud Identity Architect – dunnhumby, London

Overview

dunnhumby is seeking an experienced Enterprise Cloud Identity Architect to design and govern enterprise identity and access management across cloud platforms. You will define IAM architecture, drive secure authentication and authorization, enable least-privilege access, and ensure compliance and governance across the organization. The role collaborates with Security, Platform Engineering and DevOps to implement scalable identity solutions and modern IAM tooling.

Responsibilities

• Lead design and implementation of cloud identity architecture across cloud providers (e.g., Azure AD, AWS IAM) and SaaS apps.
• Define IAM strategy, authentication/authorization models, SSO, MFA, federation and access control policies.
• Evaluate and integrate IAM tooling (Okta, Azure AD, AWS IAM) with applications and platforms.
• Implement least privilege, role-based access control, access reviews, and auditable logs.
• Collaborate with Security, Platform Engineering and DevOps to embed secure-by-default patterns.
• Build governance and compliance workflows aligned with data protection regulations.
• Provide technical leadership and mentorship to engineers and cross-functional teams.

Requirements

• 7+ years of experience in identity and access management and cloud security architecture.
• Strong knowledge of SAML, OAuth 2.0, OpenID Connect, SCIM; hands-on with Azure AD, AWS IAM and Okta.
• Experience implementing SSO, MFA, federation, directory services, and conditional access in enterprise environments.
• Familiarity with Kubernetes, cloud-native IAM integrations, and security CI/CD practices.
• Excellent communication skills and ability to partner with security, product and engineering teams.

Nice to have

• Experience across multiple cloud platforms and SaaS integrations.
• Knowledge of zero-trust architectures, identity governance, and regulatory compliance frameworks.