About the role

This role sits within the Network Cloud team, responsible for securing critical national infrastructure platforms through robust Identity & Access Management and Privileged Access Management controls.
You will ensure secure access to Domain 1 and Domain 2 platforms, supporting compliance with the Telecommunications Security Act (TSA) and BT’s internal security standards. You’ll play a key role in protecting services by enforcing least privilege, secure authentication, and automated access processes at scale.

SC Clearance eligibility is required for this role

This role can be based in either Manchester or Ipswich & requires 3 days in office

What you’ll be doing

• Design and implement Identity & Access Management (IAM) controls across Network Cloud platforms (Linux, OpenStack, Kubernetes and tooling)
  
• Lead the deployment and operation of Privileged Access Management (PAM) solutions (e.g. CyberArk)
  
• Define and enforce least privilege access models, RBAC and account segmentation
  
• Support authentication, federation, and MFA integration (e.g. AD, LDAP, SSO)
  
• Ensure compliance with TSA and internal security controls, including audit and evidence production
  
• Automate account onboarding, rotation, and decommissioning using pipelines and infrastructure-as-code
  
• Integrate IAM controls into CI/CD pipelines and platform automation (Terraform, Ansible, Jenkins)
  
• Manage and support large-scale account estates across production and test environments
  
• Investigate and resolve security and access-related incidents
  
• Work with internal teams and vendors to improve security standards and integration patterns

Essential Skills / Experience

• Strong experience in Identity & Access Management and/or Privileged Access Management (e.g. CyberArk)
• Solid understanding of Linux access controls and system administration
• Experience working in cloud or large-scale infrastructure environments
• Knowledge of security frameworks and regulatory requirements (e.g. TSA, ISO27001)
• Experience with automation and scripting (Python, Bash, Terraform, Ansible)
• Ability to manage risk, compliance, and audit activities

Desirable Skills / Experience

• Experience with network security platforms (e.g. DDoS, Arbor, firewalls)
• Familiarity with CI/CD tooling (e.g. Jenkins)
• Knowledge of certificate and secrets management
• Experience in enterprise-scale environments with complex access models

Our Package

• On target 10% on target bonus​
• BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%​
• From January 2025, equal family leave:  receive 18 weeks at full pay, 8 weeks at half pay and 26 weeks at the statutory rate. It’s for all parents, no matter how your family is made up.​
• Enhanced women’s health support: including help with menopause symptoms, cancer screenings, period care and more.​
• 25 days annual leave (not including bank holidays), increasing with service​
• 24/7 private virtual GP appointments for UK colleagues​
• 2 weeks carer’s leave ​
• World-class training and development opportunities​
• Option to join BT Shares Saving schemes.