Job Description:
Location: Farnborough, Hampshire, UK
Employment Type: Permanent, Full-Time
Security Clearance: Developed Vetting (DV) - Essential
DXC Technology is a Fortune 500 company with over 40 years' UK presence, recently establishing its Aerospace and Defence Hub in Farnborough. We deliver secure identity, access and data management solutions enabling defence and aerospace organisations to operate securely at scale.
The IDAM (Identity, Access and Data Management) Architect designs, governs and implements enterprise-scale identity and access management solutions for defence and aerospace environments. You will architect secure authentication, authorisation and identity governance frameworks, lead IDAM modernisation programmes, and ensure compliance with stringent defence security and regulatory requirements. This role demands deep expertise in identity platforms, security architecture and MOD-compliant IDAM design.
IDAM Architecture & Strategy
- Design enterprise-scale identity and access management architectures supporting defence operations
- Architect secure authentication, multi-factor authentication (MFA) and authorisation frameworks
- Design role-based access control (RBAC), attribute-based access control (ABAC) and privilege access management (PAM) solutions
- Develop identity governance, access lifecycle management and entitlement management strategies
- Lead IDAM technology evaluation and vendor selection processes
Security & Compliance
- Ensure IDAM architectures comply with MOD Classification Guides, Defence Security Policy and ITAR regulations
- Design identity solutions supporting defence contractor personnel vetting (PRF) requirements
- Architect data protection and encryption strategies aligned with defence security standards
- Lead security risk assessments for IDAM systems and vulnerabilities
- Design audit and logging capabilities supporting MOD compliance and forensic requirements
IDAM Modernisation & Implementation
- Lead design and implementation of modern IDAM platforms (AD/Azure AD, Okta, Ping, ForgeRock)
- Design cloud-ready and hybrid identity solutions supporting multi-cloud environments
- Guide API-driven identity architecture and microservices-based identity solutions
- Lead IDAM system migrations and technology modernisation programmes
Technical Leadership & Governance
- Lead IDAM technical teams and provide architectural mentoring
- Establish IDAM design standards, architecture patterns and operational governance
- Drive technical decision-making through IDAM design reviews
- Document IDAM architecture decisions and design specifications
Integration & Operations
- Design IDAM integration with enterprise applications, systems and cloud platforms
- Architect identity federation, single sign-on (SSO) and cross-domain authentication
- Support IDAM operational readiness, performance monitoring and incident response
- Establish IDAM lifecycle management and continuous improvement processes
Customer & Stakeholder Engagement
- Serve as technical authority for IDAM architecture discussions with customer leadership
- Present identity and access management recommendations to defence programme teams
- Lead IDAM design workshops and customer validation activities
Security Clearance
- Must hold or be eligible to obtain DV clearance - Essential
- 10 years continuous UK residency required
Experience & Expertise
- Minimum 12 years' identity and access management experience with 5+ years in architecture role
- Proven experience designing enterprise-scale IDAM solutions
- Strong background in defence, aerospace or government IDAM programmes
- Demonstrated expertise with modern identity platforms (Azure AD, Okta, Ping, ForgeRock)
- Track record of leading IDAM modernisation and technology transformation programmes
Technical Knowledge
- Deep expertise in IDAM architecture patterns, methodologies and best practices
- Expert-level knowledge of identity technologies including LDAP, Active Directory, OAuth, SAML and OpenID Connect
- Strong understanding of Azure AD, Office 365 identity, hybrid identity and cloud-native identity solutions
- Proficiency in privilege access management (PAM), role/attribute-based access control (RBAC/ABAC)
- Knowledge of identity governance, access certification and entitlement management
- Expertise in API security, service-to-service authentication and microservices identity
- Familiarity with MOD security requirements, Classification Guides and defence compliance
- Understanding of cryptography, encryption and security protocols
Personal Attributes
- Exceptional strategic thinking with strong technical depth
- Outstanding communication and stakeholder engagement skills
- Strong problem-solving and analytical capabilities
- Proven ability to lead technical teams and influence senior stakeholders
- Commitment to security and compliance excellence
- Experience with defence or aerospace IDAM programmes
- CISSP, CISM or equivalent security certifications
- Azure AD or Okta advanced certifications
- Experience with identity-driven security and zero-trust architecture
- Knowledge of ITAR compliance and export controls
- Highly competitive salary and comprehensive benefits package
- Enhanced pension and private medical insurance
- Flexible working and professional development support
- Opportunity to architect critical identity systems for major defence organisations
Existing DV clearance is essential. Applicants must have 10 years continuous UK residency.
At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf.