Overview

IAM Analyst – London, N1C 4AG, United Kingdom 

Job Summary:

We are UMG, the Universal Music Group. We are the world’s leading music company. In everything we do, we are committed to artistry, innovation and entrepreneurship. We own and operate a broad array of businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in more than 60 countries. We identify and develop recording artists and songwriters, and we produce, distribute and promote the most critically acclaimed and commercially successful music to delight and entertain fans around the world.

We are currently seeking an IAM Analyst to join our Global Tech Security team. The ideal candidate will have exposure across the Identity & Access Management (IAM) stack. Primary focus will be on providing data analysis and reporting on enterprise-grade solutions across Privileged Access Management (PAM), Identity Governance and Administration (IGA), Public Key Infrastructure (PKI), Directory Services, Federation, and more. This role requires a combination of strong communication and critical thinking skills with strong attention to detail.

Job Functions:

  • Research and provide data analyst for IAM tools across the enterprise including CyberArk, Ping DaVinci, Microsoft EntraID (formerly Azure AD), HashiCorp Vault, Digicert, and Saviynt.

  • Support the implementation and enhancement of IAM services including: – SSO/Federation (SAML, OIDC, WS-Fed) – MFA/Passwordless – Privileged Access Management (PAM) – Identity Governance (IGA) – PKI and certificate lifecycle automation – Directory services (AD, EntraID).

  • Track automation scripts and integrations for IAM workflows using tools such as PowerShell, Python, or Terraform.

  • Communicate design and implement access controls and policies that align with security and compliance standards (SOX, GDPR, etc.).

  • Evaluate AI-powered tools and methodologies to improve identity lifecycle efficiency, risk detection, and operational decision-making.

  • Participate in lifecycle management processes for accounts, credentials, roles, and policies across systems and applications.

  • Collaborate with InfoSec, Infrastructure, and App teams to ensure secure identity architecture for on-prem and cloud environments.

  • Maintain high-quality documentation and architectural diagrams.

  • Monitor and report metrics on IAM system performance, adoption, and audit readiness.

Job Requirements:

Essential Qualifications

  • 2+ years of experience in IAM engineering teams.

  • Some proficiency of technical expertise in one or more of the following: CyberArk, Ping Identity, Microsoft EntraID, Saviynt, HashiCorp Vault, Digicert, Onfido.

  • Understanding of IAM protocols and standards: SAML, OIDC, OAuth2, LDAP, Kerberos, SCIM, JIT.

  • Familiarity with cloud platforms (Azure, AWS, GCP) and IAM integrations.

  • Proven ability to work independently and cross-functionally in a global team.

  • Strong troubleshooting, documentation, and communication skills.

  • Strong communication skills for both technical details and business acumen.

Desirable

  • Bachelor’s Degree in Computer Science, Engineering, or a related technical field.

  • Professional certifications such as: CISSP, Security+, Microsoft Certified: Identity and Access Administrator, CyberArk Defender, Ping Identity Certified Professional.

  • Experience with AI/ML integration into IAM workflows or security analytics.

  • Experience supporting IAM functions in media or entertainment industry environments.

  • Experience working on a global team covering multiple time zones.

 

Before you apply -
Register now and turn on alerts for jobs like this!

  • To apply for this position, receive job notifications and manage your applications, click "Register with Diversity Jobs Group".
  • To apply for this position without registering, click "Apply with Customer".

By registering you agree to our terms and conditions.

Apply with Customer

IMPORTANT: Before applying for this role, please make sure you have the right to work in the country where the role is based. Unless it clearly stipulates within in the job advert above that the hiring company is looking to or able to sponsor applicants it is deemed that the hiring employer will only consider applications from those able to comply with and work in the country where the role is based.