Identity Management Consultant

Cyber Security Consultant (Identity & Access Management)

Contract Details

Rate: £700 per day

IR35: Inside IR35

Duration: Initial 3-month contract

Location: Fully Remote (UK-based)

Clearance: Active SC Clearance required

We are seeking an experienced Cyber Security Consultant with deep expertise in Identity & Access Management (IAM) to support a security-critical programme within a highly regulated environment. The consultant will lead and deliver identity security improvements across Microsoft Entra ID (Azure AD) and Active Directory environments, focusing on authentication hardening, privileged access, governance, and Zero Trust alignment. The role will involve hands-on technical delivery, security assessments, and the production of clear remediation plans to improve identity posture across hybrid and cloud platforms.

Key Responsibilities

• Lead the design, review, and improvement of identity and authentication security across Entra ID and Active Directory environments.
• Conduct identity security assessments , including authentication discovery, risk identification, and gap analysis aligned to Zero Trust principles.
• Implement and optimise Entra ID governance controls , including Conditional Access, PIM, Access Reviews, Administrative Units, and role-based access.
• Review and improve privileged access management , including break-glass accounts, service accounts, and privileged lifecycle controls.
• Assess and remediate hybrid identity configurations , including Entra ID Connect, directory synchronisation, and authentication flows.
• Provide Active Directory architecture and security expertise , including multi-forest environments, trusts, GPO hardening, and AD-integrated application dependencies.
• Analyse and troubleshoot Kerberos-based authentication , including SPN configuration, constrained delegation, and SSO issues affecting legacy and hybrid applications.
• Review and improve password reset processes , password policies, and service account credential rotation.
• Produce clear technical documentation, security recommendations, and remediation roadmaps for stakeholders.
• Work collaboratively with security, infrastructure, and application teams to ensure identity controls are embedded into wider security architecture.

Essential Skills & Experience

• Active SC Clearance (mandatory).
• Extensive experience as a Cyber Security or IAM Consultant within regulated environments (e.g. defence, aviation, public sector, healthcare).
• Strong hands-on expertise with Microsoft Entra ID (Azure AD) , including Conditional Access, PIM, Access Reviews, MFA, B2B/B2C, and identity governance.
• Deep knowledge of Active Directory architecture, authentication, trusts, GPOs, and hybrid identity integrations.
• Practical experience with Kerberos authentication , including SPN analysis, constrained delegation, and troubleshooting authentication issues.
• Proven ability to assess identity risks and deliver pragmatic, security-focused remediation plans .
• Strong understanding of Zero Trust , identity security best practices, and modern authentication strategies.
• Excellent stakeholder communication skills, with the ability to explain complex identity concepts clearly.

Desirable Experience

• Experience supporting cloud adoption or modernisation programmes .
• Exposure to defence or safety-critical systems .
• Experience producing security standards, policies, and operational guidance .
• Infrastructure-as-Code exposure (Terraform, Bicep) in identity-enabled environments.