A leading UK financial services organisation is seeking an experienced Identity & AI Security Specialist to support the secure adoption of agentic AI capabilities across enterprise platforms and cloud environments. The successful candidate will lead the design and implementation of modern machine identity controls, strengthen AI identity assurance, and enhance operational resilience in line with UK and EU regulatory expectations.
Key responsibilities will include:
You must be based in the UK to be considered for this role and this is an inside IR35 contract role working via umbrella company
Key responsibilities will include:
- Leading the rollout and operationalisation of SPIFFE/SPIRE-based workload identity frameworks across cloud-native environments.
- Integrating machine identity solutions with AWS services, including IAM Roles Anywhere and STS Tags.
- Design and implement sender-constrained token mechanisms (Proof of Possession / PoP) to mitigate credential theft and replay attacks.
- Harden OAuth On-Behalf-Of (OBO) and delegated identity flows through enhanced claim validation, short-lived credentials, and just-in-time (JIT) access controls for non-human identities.
- Develop and enhance SOC playbooks focused on identity-centric AI and agentic threats, including:
- Contribute to enterprise threat modelling activities for AI agents and non-human identities.
- Ensure full traceability and auditability of AI agent actions back to accountable human identities in alignment with EU AI Act Articles 12 and 14.
- Support the secure deployment and governance of AWS Bedrock capabilities, including:
- Collaborate with governance, risk, and compliance stakeholders to align AI security controls with DORA, FCA Operational Resilience requirements, and broader regulatory obligations.
- Provide technical leadership and subject matter expertise on secure AI adoption across the organisation.
- Strong experience within UK financial services environments.
- Deep understanding of financial sector regulatory frameworks, including:
- DORA
- FCA Operational Resilience
- EU AI Act
- Hands-on experience implementing SPIFFE/SPIRE or equivalent workload identity solutions.
- Strong AWS security engineering experience, including integration with IAM Roles Anywhere and STS.
- Practical experience with AWS Bedrock and associated AI services.
- Strong understanding of modern identity architectures, federation, OAuth/OIDC, and non-human identity management.
- Experience securing AI/ML platforms and agentic AI ecosystems.
You must be based in the UK to be considered for this role and this is an inside IR35 contract role working via umbrella company
