Digital Identity / IAM Lead

Halfords is on a journey - building the future of motoring and cycling and looking for people who want to help shape what comes next. We’re a place for cocreators: people who want to make a real impact, take ownership and be part of something that’s still evolving.

Technology at Halfords is at a turning point. We’re modernising our foundations, sharpening our delivery, and ensuring every technology decision is connected to real commercial and customer outcomes.

We're looking for people who act as trusted advisors to the business, take end-to-end accountability for outcomes, and can balance pace with long-term architectural integrity. Innovation here means practical, scalable solutions, not ideas that stay on whiteboards.

As Digital Identity / IAM Lead within our Technology Infrastructure function, you'll take clear ownership of a capability that sits at the heart of how we secure access across our business. Identity underpins everything from colleague and customer access to privileged users and third-party suppliers, and this role ensures it's managed with the consistency, rigour, and strategic direction it requires. Reporting to the Head of Infrastructure, you'll own the identity strategy and governance model across all domains, setting the standards and holding partners accountable for delivery.

Day to day, you'll define and govern identity standards across IGA, SSO, MFA, and Conditional Access, and lead the end-to-end joiner, mover, leaver governance model in close collaboration with HR, Retail, Digital, and Garage teams. You'll manage our outsourced identity delivery partner, act as the subject matter expert for technology programmes, and work alongside Cyber and Information Security to ensure identity controls remain consistent with our wider security posture. Reporting on identity health metrics, you'll give leadership clear, meaningful visibility of risk and progress.

This is a role with genuine strategic scope, where you'll be building a prioritised maturity roadmap and driving the organisation toward least-privilege access and automated lifecycle management. If you combine deep technical knowledge of enterprise identity with the stakeholder management skills to influence across HR, Security, and Operations without direct authority, this is an opportunity to bring real structure and direction to a critical capability.

• →Own the enterprise digital identity strategy across workforce, customer, privileged, and third-party domains, maintaining a clear framework and ensuring alignment with the organisation's security and technology direction
• →Define and govern identity standards for IGA, SSO, MFA, and Conditional Access, setting policy and controls that apply consistently across the estate regardless of which team operates the underlying platform
• →Lead the joiner, mover, leaver governance model end to end, working with HR, Retail, Digital, and Garage teams to ensure access is provisioned accurately, reviewed regularly, and revoked promptly
• →Drive identity maturity improvement, building a prioritised roadmap that progresses the organisation toward least-privilege access and automated lifecycle management, with measurable milestones
• →Manage the outsourced identity delivery partner, setting clear performance expectations, reviewing outcomes against agreed standards, and escalating issues where required
• →Act as the identity subject matter expert for technology programmes, ensuring new services and integrations are built with access requirements defined from the outset
• →Collaborate with Cyber and Information Security on access reviews, PAM implementation, and identity-related incidents
• →Report on identity health metrics including access review completion, orphaned accounts, MFA adoption, and privileged account compliance, giving leadership clear visibility of risk and progress
  
  

• Proven experience leading enterprise identity strategy, covering IGA, SSO, MFA, and Conditional Access in a complex, multi-site environment
• Strong working knowledge of Microsoft Entra ID, with the ability to define governance standards and requirements for a platform operated by others
• Sound understanding of Zero Trust and least-privilege principles, with the ability to translate these into practical, deliverable access controls
• Experience designing and governing JML processes across a diverse workforce, including retail and operational colleagues
• Confident managing an outsourced delivery partner, including performance management and driving service improvement
• Strong stakeholder management skills, with the ability to influence across HR, Security, Product, and Operations without direct authority
• Familiarity with identity-related compliance obligations, including access certification and UK GDPR
• Experience in UK retail, omnichannel, or multi-site operations would be an advantage, as would exposure to CIAM platforms or PAM tooling such as CyberArk or BeyondTrust
• Relevant certifications such as SC-300 or CISSP are desirable but not essential
  
  

Apply now Back to search results