Job description Posted 24 October 2022

Identity and Access Management is a function within the Tech Ops group that globally looks directories, accounts, access, passwords and sign-on functions. It provides a secure foundation, with standard process and tools to ensure access to GSK information and systems is protected.   

The primary purpose of this role will be to provide design and illustrate technology strategies and architectures with product Owners in alignment with product tower lead architect and solution architects.   

·      Accountable and responsible for helping to shape the product architecture within Directories (See job skills for specifics).

·      Apply software design theories and principles, perform complex work in research, design and development of new or existing products, tools and processes required for the operation, maintenance and testing of products.

·      Seek out emerging and established industry trends, and makes proposals on changes, enhancements, and replacements of our existing identity tools through detailed analysis, proof of concepts and product comparisons.

·      Work regularly with peers, solution architects, and senior management to define/refine product backlogs, product and service requirements. Aid in the agile processes related to decomposing work into epics and stories to ensure delivery of quality products against commitments. 

·      Consistently deliver assigned stories and epics on time, and to high quality, in alignment with GSK documentation, change control, and other applicable processes and standards.

·      Work closely with stakeholders (product owner, solution architects, operations staff, engineering teams) to ensure architecture direction aligns with product/business requirements.

·      Delivery and engineering of identity solutions, ensuring that designs are scalable, resilient, extensible and secure. Ensure systems are configured with necessary redundancy so service is maintained at 99.999% up time. 

·      Ensure industry best practice is being followed for GSK's identity implementation, and regular health checks are being performed to ensure we are responding to any changes in the regulatory landscape and emerging security threats.

·      Provide leadership, direction and mentorship to junior IDAM staff, or 3rd party vendors in the delivery of the product and service.   

·      A proven problem solver that can provide advanced support during business hours to junior members or 3rd party staff and when required by Product Owners.


BSc degree, or equivalent technical qualification with relevant experience.

Computer Science / Software Engineering

The candidate must understand computer system design and development concepts and be able to ensure the delivery of secure and scalable solutions

BSc Hons / Master's degree


Computer Science / Software Engineering

The candidate must understand computer system design and development concepts and be able to ensure the delivery of secure and scalable solutions. They must be able to articulate the advantages and disadvantages of their approach, and the reasoning for following a specific path.

5+ years of IDAM industry experience. 2+ years in a role with proven success in the design, delivery and maintenance of company-wide, large scale identity & access management solutions


This role will be providing deep technical knowledge to the implementation of large scale I&AM solutions, to which they must be able to provide expert guidance on the delivery of projects and solutions to ensure success.

• Proven experience designing solutions with but not limited to some of the following technologies:

·      Directories & Infrastructure: AD-DS, AAD, AAD-DS, Hyper-v, Azure, GPO/AGPM, DNS, WINS, DHCP

·      Directory Data Sync: AAD Connect (Custom rule scripting), MIM with rules extension experience (VBScript, VB.Net, C#, Perl, PowerShell), PCNS, SQL, expert LDAP (incl command line tools), SOAP web services, deep understanding of GSK identity design

·      Directory Security: Azure PIM, Microsoft ESAE/Hardened Forest, LogAnalytics, Defender for Identity, experience with security scanning tools, understanding of pentesting to develop scope, Archer/RMS, CIS benchmarks

•Experience writing / updating scripts to manage tools and data. (Powershell, Perl, Vbscript,..)

•Previous demonstratable experience in the design, delivery and execution of automated and self-service large-scale IDAM solutions that have a global internal and external audience

• Minimum 5-years hands-on experience in the successful delivery and execution of identity tooling

• Broad understanding of IT Security, especially User Access Control & Privileged Access Management

• Proven ability to map business requirements to technical solutions

• Fluency in English