Identity Access Management Engineer
Hong Kong, Hong Kong

A career at Arup offers you the chance to make a positive difference in the world. Independently owned and independently minded, we attract a diverse mix of people to work on ground-breaking global projects.

We have an ambitious commitment to be the digital leader in the built environment and have digital teams and experts all over the world, who collaborate on world-leading software, data and technology projects and products.

Being a global team means we value people with diverse experiences, backgrounds, specialisms and skills.

The role

We currently have an opportunity for an identity access management engineer to join our global team. You will be implementing multiple business to consumer services for Arup and our subsidiaries while also playing a major role in the team that looks after authentication and authorisation for the firm.

It is an exciting time to join the Identity Access Management (IAM) team which has responsibility for organisational wide, fit-for-purpose, identity platforms and services.

We’ve recently launched an industry first business to business automated authentication service.

The role reports to the head of identity access management who is based in Newcastle, UK.

One of the best parts of our culture is the diversity - it allows us to be more effective, productive, tolerant and most importantly welcoming.

I really enjoy working in a team that is doing really interesting and innovative work.

Adrian, Toronto

You should apply if :

  • You would relish a working culture that will support your skills and career development
  • You have strong interpersonal and communication skills, and enjoy working with diverse stakeholders
  • You are motivated by the potential of technology to transform a global business
  • Responsibilities of the role include :

  • Managing Arup’s directory services (Active Directory, Azure Active Directory, Azure Active Directory Connect)
  • Delivering privileged identity management and its applications to groups / roles
  • Managing conditional access policy, including business and user impact
  • Managing other Azure AD identity and security technologies and services such as identity risk, device management and enterprise applications
  • Managing sync services such as AAD Connect, FIM, MIM and ADFS service
  • Bringing a culture of implementing Identity lifecycle management to all aspects of the role
  • Implementing report and audit capabilities into solution designs, as well as utilising role-based access control implementation as a foundation of new design
  • Keeping up to date with new authentication mechanisms and their possible benefits throughout the business
  • Representing IAM as a service and promoting cyber standards to our stakeholders and end users
  • Requirements and skills

    Essential skills and knowledge :

  • Previous experience of implementing an Azure B2C tenant and associated management activities
  • Significant experience of providing identity related services to customers, including identity lifecycle management
  • Solid understanding and implementation experience of IAM governance
  • Excellent understanding of cyber security concepts and how identity governance supports cyber security goals
  • Previous experience of developing identity and access related policies and standards
  • Extensive knowledge of AD, Azure AD, ADFS, FIM, MIM, AD Connect, B2B and B2C
  • Exposure to identity related security technologies in Azure SSPR, PIM, conditional access, multifactor authentication
  • Excellent understanding of authentication mechanisms and standards
  • Experience of developing and implementing role and attribute-based access control models
  • Desirable skills and knowledge :

  • Knowledge of IT service processes (ITIL) and best practices can manage risk
  • Strong communication and reporting skills
  • Required behaviours :

  • Professional, with attention to detail - always seeking quality and excellence in their work
  • Collaborative approach and willingness to work as an integral part of the team
  • Excellent consulting and stakeholder management skills, ability to challenge and influence, as well as being an agent for change
  • Strong influencing and negotiation skills working with multiple stakeholders (at all levels and across regions / virtually) with differing or complex views- with an ability to assess a situation and confidently influence and define the best approach to achieve the desired outcome
  • A problem-solver, always seeking the best solution for the right outcome
  • Friendly manner, with a willingness to adapt style and approach to achieve quality results
  • Self-motivated, results-focussed, pragmatic with the ability to manage conflicting deadlines and prioritise
  • Rapid, enthusiastic learner who quickly becomes a leading authority on new capabilities and tools and take others on the journey
  • Enjoys engaging and collaborating with others in different culture, countries and time zones on a day-to-day basis with some adhoc travel anticipated
  • Please don’t be discouraged if you don’t meet every point above if you meet most, and are strongly motivated by the role, and willing to learn, we are still interested in hearing from you.


  • Educated to degree level, or equivalent experience is desirable
  • Professional technical accreditations such as MCP, MCSE, VCP, NCIE is desirable
  • Cyber security or IAM related certification is desirable
  • Reward and Benefits :

    We offer a competitive remuneration package commensurate with qualifications and experience to the right candidate including Global Profit Share scheme, additional fringe benefits of maternity / paternity leave and long-term career development opportunities.

    Personal data collected will be used for recruitment purpose only. Applicants not contacted within 8 weeks may consider their applications unsuccessful.

    No agencies please

    Stay safe online - Arup will never ask for payment or your bank details as part of our recruitment process.


    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    通過點擊“繼續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。