Identity Security Engineer

Role overview

Aer Lingus is looking for an Identity Security Engineer to join the Cyber Engineering & Architecture team in Dublin. Reporting to the Senior Manager of Cyber Engineering & Architecture, this person will help strengthen and continuously improve the organisation’s identity security environment, including privileged access. The role is hands-on and focuses on identity security governance, secure-by-design architecture, lifecycle management, and access control processes.

What you will do

• Own and help evolve identity and privileged access security policies, standards, and reference architecture across Active Directory, Entra, and IGA platforms.
• Design, run, and improve identity lifecycle and governance workflows such as joiners, movers, and leavers, access requests, and access reviews using SailPoint.
• Support the rollout of a privileged access management platform and shape the related governance, lifecycle, and control processes.
• Continuously enhance identity security controls and IAM/PAM lifecycle operations through automation and self-service capabilities.
• Monitor identity security posture and drive ongoing control improvements.
• Act as a subject matter expert for identity-related incidents and investigations, supporting containment and remediation.
• Build identity metrics, reporting, and dashboards to give central visibility into control coverage, effectiveness, and risk.
• Work with application and platform teams to embed secure identity design patterns such as authentication, authorisation, RBAC, and least privilege.
• Keep documentation, blueprints, and configuration records up to date for identity security standards and platforms.
• Contribute to security architecture reviews across domains.
• Work with Cyber Defence to ensure identity telemetry is being monitored appropriately.
• Support alignment with compliance obligations and regulatory requirements.
• Provide guidance and oversight to third-party providers operating identity services and platforms.

What we are looking for

• At least 10 years of industry experience, including 5+ years in identity management or identity security engineering.
• Practical experience with Active Directory and/or Entra in an enterprise setting.
• Proven experience designing, implementing, and governing identity and access lifecycle processes through an IGA platform.
• Background in designing and deploying privileged access management controls and operating models.
• Experience partnering with stakeholders to introduce access governance and least-privilege controls.
• Strong grasp of IAM principles such as zero trust, least privilege, RBAC, access reviews, segregation of duties, and lifecycle governance.
• Ability to turn identity architecture ideas into usable standards, patterns, and blueprints.
• Experience applying identity controls consistently and documenting the results clearly.
• Good troubleshooting and analytical skills for identity and access issues.
• Strong communication and collaboration skills across cyber, technology, and business groups.
• Exposure to identity and security tooling such as SailPoint, CyberArk, BeyondTrust, Microsoft Defender for Identity, CrowdStrike Identity, and SilverFort.
• Scripting or automation experience, preferably with PowerShell, to improve governance processes.
• Knowledge of identity threat detection and integration with SOC monitoring.
• Understanding of non-human identity governance and modern authentication protocols.
• Relevant certifications such as Microsoft identity/security, CISSP, CISM, CIAM, or CRISC are desirable.

Additional information

This role sits within Digital & Information - IT Other.

Location: Dublin, County Dublin, Ireland.