Negotiable
Inside
Remote
Greater London, England, United Kingdom
Summary: The role of Identity & AI Security Specialist involves leading the secure adoption of agentic AI capabilities within a UK financial services organisation. The successful candidate will design and implement machine identity controls, ensuring compliance with UK and EU regulations while enhancing operational resilience. This position requires strong expertise in AWS security and identity management, particularly in cloud-native environments. The role is fully remote and classified as inside IR35, requiring the candidate to be based in the UK.
Key Responsibilities:
- Lead the rollout and operationalisation of SPIFFE/SPIRE-based workload identity frameworks across cloud-native environments.
- Integrate machine identity solutions with AWS services, including IAM Roles Anywhere and STS Tags.
- Design and implement sender-constrained token mechanisms (Proof of Possession / PoP) to mitigate credential theft and replay attacks.
- Harden OAuth On-Behalf-Of (OBO) and delegated identity flows through enhanced claim validation, short-lived credentials, and just-in-time (JIT) access controls for non-human identities.
- Develop and enhance SOC playbooks focused on identity-centric AI and agentic threats.
- Contribute to enterprise threat modelling activities for AI agents and non-human identities.
- Ensure full traceability and auditability of AI agent actions back to accountable human identities in alignment with EU AI Act Articles 12 and 14.
- Support the secure deployment and governance of AWS Bedrock capabilities.
- Collaborate with governance, risk, and compliance stakeholders to align AI security controls with DORA, FCA Operational Resilience requirements, and broader regulatory obligations.
- Provide technical leadership and subject matter expertise on secure AI adoption across the organisation.
Key Skills:
- Strong experience within UK financial services environments.
- Deep understanding of financial sector regulatory frameworks, including DORA, FCA Operational Resilience, and EU AI Act.
- Hands-on experience implementing SPIFFE/SPIRE or equivalent workload identity solutions.
- Strong AWS security engineering experience, including integration with IAM Roles Anywhere and STS.
- Practical experience with AWS Bedrock and associated AI services.
- Strong understanding of modern identity architectures, federation, OAuth/OIDC, and non-human identity management.
- Experience securing AI/ML platforms and agentic AI ecosystems.
Salary (Rate): undetermined
City: Greater London
Country: United Kingdom
Working Arrangements: remote
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
A leading UK financial services organisation is seeking an experienced Identity & AI Security Specialist to support the secure adoption of agentic AI capabilities across enterprise platforms and cloud environments. The successful candidate will lead the design and implementation of modern machine identity controls, strengthen AI identity assurance, and enhance operational resilience in line with UK and EU regulatory expectations.
Key responsibilities will include:
- Leading the rollout and operationalisation of SPIFFE/SPIRE-based workload identity frameworks across cloud-native environments.
- Integrating machine identity solutions with AWS services, including IAM Roles Anywhere and STS Tags.
- Designing and implementing sender-constrained token mechanisms (Proof of Possession / PoP) to mitigate credential theft and replay attacks.
- Hardening OAuth On-Behalf-Of (OBO) and delegated identity flows through enhanced claim validation, short-lived credentials, and just-in-time (JIT) access controls for non-human identities.
- Developing and enhancing SOC playbooks focused on identity-centric AI and agentic threats, including:
- Contributing to enterprise threat modelling activities for AI agents and non-human identities.
- Ensuring full traceability and auditability of AI agent actions back to accountable human identities in alignment with EU AI Act Articles 12 and 14.
- Supporting the secure deployment and governance of AWS Bedrock capabilities, including:
- Collaborating with governance, risk, and compliance stakeholders to align AI security controls with DORA, FCA Operational Resilience requirements, and broader regulatory obligations.
- Providing technical leadership and subject matter expertise on secure AI adoption across the organisation.
Required Experience & Skills:
- Strong experience within UK financial services environments.
- Deep understanding of financial sector regulatory frameworks, including:
- DORA
- FCA Operational Resilience
- EU AI Act
- Hands-on experience implementing SPIFFE/SPIRE or equivalent workload identity solutions.
- Strong AWS security engineering experience, including integration with IAM Roles Anywhere and STS.
- Practical experience with AWS Bedrock and associated AI services.
- Strong understanding of modern identity architectures, federation, OAuth/OIDC, and non-human identity management.
- Experience securing AI/ML platforms and agentic AI ecosystems.
This is a business-critical role for this financial services end customer, and it is a fully remote requirement. You must be based in the UK to be considered for this role. This is an inside IR35 contract role working via an umbrella company.