Senior Security Engineer – Identity & Access Management (IAM)

Rothesay is the UK’s largest pensions insurance specialist, purpose-built to protect pension schemes and their members’ pensions. With over £70 billion of assets under management, we secure the pensions of more than one million people and pay out, on average, approximately £300 million in pension payments each month.

Rothesay is dedicated to providing excellence in customer service alongside prudent underwriting, a conservative investment strategy and the careful management of risk. We are trusted by the pension schemes of some of the UK’s best known companies to provide pension solutions, including British Airways, Cadbury, the Civil Aviation Authority, the Co-Operative, Morrisons, Smiths Industries and Telent.

At Rothesay, we are striving to transform our industry. We believe deeply in creating real security for the future and our leadership in finding new and better ways to do that is the key to our success. To do that, we need the very brightest original thinkers to bring creativity as well as rigour. Rothesay is a rewarding place to work, where quality people can thrive and prosper. We pride ourselves on the connections our people build, many of whom have been with us for over ten years.

Rothesay is undergoing a multi-year transformation to modernize our technology and security stack – a change fully backed by executive sponsorship. At the heart of this transformation is a significant investment in our Information Security function, and we are growing our Security Engineering team. 

This is a unique opportunity to shape and implement the identity fabric of a modern, cloud-first financial services firm. If you have a passion for IAM, enjoy solving complex problems, and want to help build secure, automated access controls in a fast-moving environment — we’d love to hear from you. 

What you’ll do: 

You’ll be a hands-on member of the Security Engineering team, driving the adoption of security capabilities across Desktop & Communications, Identity & Access Management, SDLC, and Security Architecture practices.  Your primary focus will be on building and operating the IAM capabilities that underpin secure access across Rothesay’s environments. You will: 

• Design, implement, and operate core IAM systems – including identity lifecycle management, access provisioning, RBAC/ABAC models, and just-in-time access. 
• Develop and enforce secure access patterns across cloud (AWS/Azure), SaaS, and internal platforms. 
• Contribute to IAM governance and policy automation, including policy-as-code, identity standards, and audit/attestation workflows. 
• Integrate IAM with CI/CD pipelines, infrastructure-as-code, and cloud-native services to ensure security is built-in from the start. 
• Support and extend federation, SSO (SAML, OIDC), and directory services integrations. 
• Partner with Engineering, DevOps, and Compliance to design scalable IAM solutions that meet both security and business objectives. 
• Contribute to Security Engineering’s broader capabilities across Desktop & Communications, Identity & Access Management, SDLC, and Security Architecture.  
• Identify and remove friction in user experiences without compromising on security. Helping to ensure security is treated as a first-class citizen. 
• Monitor for emerging threats and continuously improve controls, patterns, and organisational guidance. 

What we’re looking for: 

Required: 

• 5+ years in a technical security or engineering role, with at least 2 years specialising in IAM. 
• Experience building or operating IAM systems in cloud-native environments (AWS or Azure). 
• Practical understanding of identity lifecycle, authentication, authorisation models (RBAC/ABAC), and privilege management. 
• Familiarity with tools and standards such as AWS IAM, Azure AD, Okta, SAML, OIDC, SCIM, LDAP. 
• Strong communicator who can influence both technical teams and senior stakeholders. 
• Solid grasp of security principles, frameworks (e.g. NIST), and risk management as they relate to access controls. 

Desirable: 

• Experience with policy-as-code frameworks and automation (e.g. OPA, Terraform, CI/CD pipelines). 
• Exposure to Zero Trust architectures and modern access control models. 
• Prior experience in financial services, risk management, pensions, or insurance. 
• Relevant qualifications such as CISSP, CCSP, or certifications focused on IAM or cloud security. 

 This is your chance to help shape a future-proof IAM capability in a supportive, engineering-led team where your input will have a meaningful impact. 

 Rothesay competencies

• Dedication to role – Motivated to provide an effective support service across all facets of role
• Team Player – Demonstrates evidence of being a strong team player, collaborates well with others and encourages other team members
• Communication – Ability to communicate what is relevant and important in a clear, constructive and concise manner
• Organised - Ability to work under pressure and prioritise workload in a fast paced environment. Ability to work autonomously with limited supervision
• Creative and innovative – Looks for ways to improve current processes and help develop creative solutions that have practical value for the team
• Judgement and Problem Solving – Proactive, sees the big picture and willing to be flexible to solve issues as they arise

Disclaimer This position description is intended to describe the duties most frequently performed by an individual in this position. It is not intended to be a complete list of assigned duties, but to describe a position level.  The role shall be performed within a professional office environment. Rothesay Life has health and safety polices that are available for all workers upon request.  There are no specific health risks associated with the role.

Inclusion Rothesay actively promotes diversity and inclusivity. We know that our success depends on our people and that by nurturing a culture that values difference, we create a stronger, more dynamic business. We welcome applications from all qualified candidates, regardless of race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability or age.