Arbuthnot Latham has been associated with banking since 1833. We combine private and commercial banking, wealth planning and investment management. We believe in traditional relationship and service-led banking powered by modern technology.

 Job Purpose

This role is for a Microsoft 365 Specialist with a specialist focus on Identity and Access Management, this role will provide end to end administration and maintenance of Microsoft 365 applications, including technical Issues and requests for Microsoft 365 related applications with a specific focus on Identity and Access Management across the enterprise estate. 

The role will also take ownership of the identity lifecycle processes, access governance, and will support compliance and audit requirements across the Microsoft 365 and EntraID estate.

Job Description

Key Responsibilities

• Review, enhance and manage the Role Based Access Management (RBAC) configuration as well as onboarding and deploying enhanced RBAC across the estate.
• Conditional Access policy design & management.
• Privileged Identity Management (PIM) administration and support of our Supporting Zero Trust strategy.
• Provide professional and proactive administration for Microsoft 365 applications.
• Develop and implement changes within the M365 platform.
• Champion Microsoft 365 based solutions embracing new functionality and increasing user adoption.
• Liaise with internal customers to ensure that business requirements of the application are fulfilled.
• Collaborate with other teams to develop system integrations, data migration and automated testing.
• Address machine identity and secrets hygiene as an ongoing implementation activity.
• Establish operational runbooks, monitoring and audit/logging for compliance, risk and incident response.
• Perform secrets and privileged-account discovery, normalization and vaulting. Use discovery to inventory privileged accounts/secrets, define folder/template hierarchy and import/clean accounts before onboarding into the vault. 
• Implement automated rotation and lifecycle controls for secrets and machine credentials. Automate credential rotation, integrate with CI/CD and workload platforms, and plan for synchronized rotation where workloads consume credentials in multiple locations.
• Configure access policies, conditional controls and enforce least privilege in the platform. Define role/group templates, conditional/step-up policies and RBAC/approver workflows, minimizing custom code and templating configurations for scalability.

Key Interfaces

• IT Team in particular the IT Infrastructure and Operations team and service desk.
• Operational Resiliency Team
• All business areas across the Group
• 3rd party suppliers
• Microsoft Account Management Team

•  Microsoft 365 certification, with demonstratable experience delivering Microsoft 365 solutions in a fast-paced environment.
•  Significant experience of Microsoft 365 Administration, including IDAM, the Microsoft Admin Centre’s, SharePoint and other core apps.
• Understand M365 Teams integration capabilities with M365, SharePoint Online and Third-Party Apps.
•  Experience maintaining a thorough understanding of existing and emerging Microsoft 365 core technologies.
• Experience of producing high-quality documentation and user guides for the wider business.
• Experience in undertaking business impact assessments for major M365 updates, as well as analysing complex technical issues and proposing appropriate solutions.
• Experience of working with third party providers e.g. Microsoft technical support, Consultancies etc.
• Experience administering EntraID Conditional Access, PIM, Custom Security Attributes, Access Packages (EPM)
• Experience with identity governance frameworks (e.g., JML workflows, access reviews).
• Experience with Microsoft Graph API.
• Experience of working with KeyCloak identity platform.
• IDAM configuration based on the Microsoft EntraID platform, Microsoft Active Directory as well as other 3rd party providers.
• Experience of working with and gaining ISO27001 adoption.
• Working knowledge and hands‑on platform configuration (PAM/AM/IGA), scripting for integrations, CI/CD/DevOps familiarity, secrets/certificate lifecycle knowledge, testing and observability tooling, vendor/partner management, and the ability to translate technical outcomes into outcome‑driven metrics.

Qualifications

Minimum of one below is required:

• Microsoft Certified: M365 Administrator
• Microsoft Certified: Identity and Access Administrator Associate

• CompTIA Linux+
• ITIL V4
• KeyCloak

Competencies

• Problem Solving & Judgment
• Customer Focus
• Planning & Reviewing
• Performance Focus
• Expert Knowledge
•  Communication & Confidence

Life, Work and Benefits

At Arbuthnot Latham, we seek proactive individuals who embrace high standards and bring the energy needed to drive success. In return, you can thrive in a dynamic environment that values your innovative ideas and provides the stability and support for your personal and professional growth.  Our human-scale ethos means that everyone is recognised as an individual, not just a number, creating a workplace where you truly belong and thrive.  

As a service led, relationship driven bank, in-person collaboration and wellbeing are important to us and drives our inclusive culture.  With this in mind, our Agile Working Policy offers one day a week working from home.

Benefits

• Competitive holiday allowance with the ability to buy / sell / rollover up to five days per year
• Pension via market leading provider
• Private Healthcare cover
• 4x Life Assurance
• Discretionary Bonus
• Access to a suite of flexible benefits including Cycle to Work Scheme, Gym Scheme, Health Assessment, Season Ticket / Travel loans and Dental insurance as well as other discounts / vouchers

Data Privacy and Reasonable adjustments

We take keeping your data security seriously.  For more detail on how we may keep your data please refer to our Privacy Notice

https://careers.arbuthnotlatham.co.uk/files/RecruitmentPrivacyNotice.pdf

Reasonable adjustments: Please let us know of any adjustments or arrangements that you may need to help you apply to this role or that will help you during the recruitment process. If you wish to discuss any particular requirements or concerns you have because of a disability or medical condition please contact us at [email protected]. Information you provide about any disability or medical condition will remain confidential unless it is necessary to disclose it to other members of staff or outside agencies to ensure the health and safety of yourself and others, or to implement the adjustments you require. In these circumstances we will first discuss with you how and to whom the information may be disclosed.