Principal Security Solution Architect (IAM)

About us 

At Dyson, we are not just creating innovative, technology-enabled products; we are also breaking new ground in cybersecurity. Our products are becoming more advanced and interconnected, which means we face a constantly evolving cyber threat landscape. This requires a highly skilled candidate to join our team, with a passion for staying ahead of emerging threats and keeping our products secure. 

We take a proactive approach to cybersecurity. We do not wait for threats to emerge; we anticipate them and respond with innovative solutions. This means that at Dyson, you will have the opportunity to work with innovative technologies, like artificial intelligence and machine learning, to protect our products and customers. 

You will be part of a team of cybersecurity experts, utilizing the latest tools and technologies to identify and respond to threats in real-time. You will work closely with our engineering and product teams to ensure that security is integrated into every aspect of our business. 

Join our team at Dyson, and you will be at the forefront of cybersecurity, working on some of the most innovative and advanced products in the industry. You will have the opportunity to develop your skills and knowledge, collaborating with a talented team of experts to ensure we are always secure. If you are passionate about cybersecurity and looking for an exciting and challenging role, Dyson is the place for you. 

About the role 

As an IAM Solutions Architect at Dyson, you will play a key role in implementing Zero Trust security principles to protect our innovative technology-enabled products. Working within our collaborative, global Cyber Security team, you will design and implement enterprise-class Identity and Access Management (IAM) solutions, with a focus on continuous verification of user identities and device security posture. You will also be responsible for managing role-based access governance, ensuring that access privileges are granted based on the principle of least privilege. 

Collaborating closely with our Global Head for Security Architecture and Engineering, you will drive the adoption of Zero Trust security principles and best practices across the organization. You will also work closely with colleagues across the Cyber Security and Risk (CSR) function to ensure that our products and data are secure and protected against evolving threats. 

In this role you will:

• Provide advisory services to management, helping to redesign IAM controls and acting as the Technical Product Manager to provide the necessary business, technical, and functional requirements for successful enrolment of enterprise-wide applications to the enterprise IAM infrastructure. 

• Identify, analyse, and resolve system design and development weaknesses for the resolution of complex problems related to identities, systems, access, accounts authentication, authorization, entitlements, and permissions. 

• Be responsible for identifying and recommending improvement areas in the existing enterprise IAM architecture to address evolving cybersecurity threats. 

• Balance business requirements with cybersecurity and information technology requirements based on the organization's risk appetite, develop, and integrate security operating models and documentation to ensure operational efficiency, scalability, and sustainability. 

• As a domain expert and trusted partner in CSR, work closely with stakeholders in other groups on cybersecurity engineering-related matters and manage cybersecurity projects with virtual teams/vendors ensuring successful implementation to meet organizational objectives. 

• Troubleshoot, support, and resolve system incidents, problems, and changes as required. 

About you 

To succeed in this role you should:

• Be able to work independently or as part of a team with minimum supervision. You should have technical certifications or other information security certifications, such as CISSP, CIAM, CISM, and ITIL, as well as cloud-related certifications in AWS, GCP, Azure, and other cloud platforms. 

• Demonstrate a deep understanding of all IAM topics, including identity and credential management, access management, privileged access management, and secrets management, and working knowledge of IAM-related tools such as active directory and its associated components, along with relevant ticketing software such as ServiceNow and privileged access management (PAM) platforms, e.g., BeyondTrust, Lieberman, Delinea. 

• Possess a good understanding of authentication and authorization concepts, including technical design and implementation for on-premises workload for applications and infrastructure, as well as cloud computing workload on Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) models. 

• Up to date with current IAM standards and protocols, including SAML, OAuth, OpenID, SCIM, and LDAP, as well as MFA mechanisms. Additional working knowledge of access management solutions like Okta, ForgeRock, or Azure would be a big plus. 

• Have practical experience in scripting or coding skills with languages like VBScript, PowerShell, Perl, JavaScript, etc., and a good understanding of REST APIs and JSON will be highly valuable to us. 

• Have hands-on experience in technical design, implementation, and customization of IAM security solutions, and be able to produce low-level design documentation and delivery updates. 

#LI-CY1

Dyson is an equal opportunity employer. We know that great minds don’t think alike, and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other any other dimension of diversity.