Skip to main content
Back to jobs

Lead Platform Engineer

External
morningstar logoMorningstar · London, UK
Full-timeHybridToday
AgileAzureCapacity PlanningDocumentationIAMLeadership
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

The Lead Platform Engineer working in the IAM team is responsible for enterprise-wide identity and access management across both Microsoft and Okta platforms. This highly visible role partners closely with teams across the organization, requiring a proactive, innovative mindset and a willingness to think beyond conventional approaches. Operating within an Agile environment, the team moves at pace to adapt to evolving business needs. Our technologists bring a diverse range of expertise and share a commitment to treating technology as a craft, with a strong focus on delivering high-quality, customer-centric outcomes. The team underpins critical business services, enabling key functions across the organization to deliver seamless and exceptional user experiences.

Responsibilities

  • Lead, mentor, and develop a team of IAM Engineers, fostering a culture of technical excellence, collaboration, and continuous improvement.
  • Define engineering standards, best practices, and technical direction across the IAM platform.
  • Provide technical leadership through architecture reviews, design discussions, and coaching.
  • Drive project planning, prioritisation, and team capacity planning to ensure successful delivery.
  • Contribute to the long-term IAM strategy and technology roadmap.
  • Design, build, and evolve enterprise Identity and Access Management solutions using Okta and Microsoft Entra ID.
  • Engineer and automate Joiner, Mover, Leaver (JML) lifecycle processes using Okta Workflows.
  • Design and implement secure Single Sign-On (SSO), Multi-Factor Authentication (MFA), and identity governance solutions.
  • Integrate enterprise applications using SAML, OAuth, OpenID Connect (OIDC), SCIM, and other modern authentication standards.
  • Engineer and maintain hybrid identity services across Active Directory and Microsoft Entra ID.
  • Develop PowerShell automation to improve provisioning, administration, and operational efficiency.
  • Own the health, scalability, resilience, and security of the enterprise identity platform.
  • Lead the planning, design, and implementation of IAM projects and platform enhancements.
  • Produce and maintain technical documentation, architecture diagrams, runbooks, and engineering standards.
  • Provide technical guidance during major incidents and act as the escalation point for complex identity-related issues.
  • Collaborate with Security, Infrastructure, Cloud, and Application teams to deliver secure identity solutions.
  • Evaluate emerging identity technologies and recommend improvements that enhance security, automation, and user experience.

Requirements

  • Bachelor's degree in Computer Science , Information Technology, or a related discipline (or equivalent practical experience).
  • Experience leading or mentoring engineering teams in an enterprise technology environment.
  • Strong hands-on experience engineering enterprise Identity and Access Management solutions.
  • 3+ years' experience with Okta Single Sign-On (SSO) and Lifecycle Management.
  • 3+ years' experience with Okta Identity Governance (OIG).
  • 3+ years' experience designing and building solutions using Okta Workflows.
  • 5+ years' experience working with Active Directory in complex enterprise environments.
  • Strong knowledge of Active Directory Group Policy and hybrid identity architectures.
  • Experience with Microsoft Entra ID (Azure Active Directory).
  • Experience with Azure Application Proxy or similar application proxy technologies.
  • Strong PowerShell scripting skills with a focus on automation.
  • Experience with Microsoft Certificate Services.
  • Excellent troubleshooting, analytical, and problem-solving skills.
  • Ability to lead technical initiatives while remaining hands-on with engineering work.
  • Excellent communication and stakeholder management skills. Self-motivated with the ability to work autonomously in a fast-moving environment.
  • Desirable:
  • ServiceNow
  • Splunk
  • Basic knowledge of System for Cross-domain Identity Management
  • Base Salary Compensation Range
  • GBP 59.400,00-82.866,66 Bonus Target:
  • 12,5% Annual
  • We expect the compensation and target bonus for this role to fall within the stated range. The specific compensation offered will depend on the candidate's qualifications, experience, and other job-related factors.
  • 001_MstarInc Morningstar Inc. Legal Entity

Benefits

Health insuranceVision insurancePerformance bonus

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at morningstar? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect