Rodeo
ResourcesPartnersSign in

Intellias

Agentic Identity & Access Security Architect

London
Posted 13 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Senior Security Architect – Agentic Security & AI-Ready Data Foundations

Location: London Industry: Financial Services | AI/Quantitative Investing ** Firm:** Leading global investment manager

About the Firm

Our client is a $228+ billion asset manager, specialising in quantitative investing, systematic trading, and AI-driven research. At the intersection of finance and technology, they operate in highly regulated environments where data science, machine learning, and agentic AI are crucial to their operations. This role sits within a cross-functional team embedding enterprise security controls for cutting-edge AI adoption.


Project Overview

We are shaping two foundational pillars for secure, scalable AI:

  1. Agentic Security: Designer of authentication, scoped access, and runtime security for autonomous agents in a large, regulated financial estate—eliminating blind spots in credential management.
  2. AI-Ready Data Foundations: Architecting identity patterns, credential flows, and delegation standards ensuring safe agentic interaction with core systems, from production secrets to multi-cloud infrastructure.

Key challenge: Agents inherit human context + long-lived secrets, creating unprecedented risk. Your work will redefine secure interaction designs—e.g., short-lived credentials, real-time approvals—making compliant operations default, not optional. This is not just theory: a hands-on role tweaking code in production, enforcing automation where copy/paste once ruled.


Primary Responsibilities

Security Architecture & Design

  • Agentic Runtime Security Model: Define an agent-operating framework—how agents authenticate, request scoped access, and execute safely, addressing underlying IaC and containerisation.
  • Credential Quantity & Qualities: Replace long-lived secrets yesterday with ephemeral, risk-gated (e.g., CrowdStrike-style scoring), task-scoped credentials via OIDC/JWT.
  • Policy Stackation: Layer guardrails atop agents, including policy-as-code + human review, bridging regulatory compliance and reactivity to emerging threats.
  • Toolchain Enforcement: Establish an opinionated onboarding standard (primarily Microsoft’s MCP interface) for developer adoption, emphasising better defaults over mandates.
  • Audit & SIEM: Centralise logs, configure behavioural baselines for agentic workflows, and harden action-attribution (e.g., distinguishing when an agent stealthily finds permissions).

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Engineering & Infrastructure

  • IaCOwnership: Architect Terraform-driven self-service identity patterns deployable without AD-level redesign; migrate away from legacy (e.g., AD groups/DL usage).
  • Token Flows: Debug/scalable flows for dynamic secret rotation, including migration from long-lived tokens to Vault or HashiCorp Vault-based policies.
  • Identity Evolution:
    • Hands-on with JWT/OIDC/OAuth2. Prefer delegation > flat permissions.
    • Pragmaticzg management of AD + Entra + LDAP, e.g., mapping permissions across nested groups.

Delivery Governance

  • Security as Opinion: Shape an adder-friendly guardrail layer that embeds security seamlessly in rapid deployments, not via friction.
  • Beachhead Strategy: Bound risk to tangible pilots—e.g., user auth → delegation to private TKTs.

Key Requirements

Core

  • 8+ years in security architecture/platform engineering, shipping production-grade IaC, tools, and code.
  • Principal/staff level fluency in OIDC/OAuth2 JWT flows (especially claims design, token delegation).
  • Deep HashiCorp Vault expertise: strategic secrets rotation, cooperative Vault policies, and legacy-token breakage plans.
  • Keycloak (especially Terraform-driven policies/variables) familiarity.
  • Microsoft platforms: MCP adoption, Active Directory + Entra, and risk-scoped credential/risk-signal integration (e.g., CrowdStrike alerts).
  • Prismatic Terraform for reproducible setups, not per-team spaghetti.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Nice-to-Haves

  • Agentic/LLM security research (agents inherently probe permissions programmatically, not collaterally).
  • JIT task delegation frameworks (e.g., command-and-request routes between humans/agents).
  • LBAs (Leaderboard Members/Black Belt Community) with applied risk detection (e.g., Envoy Happiness measurement inputs).
  • Whence Hornscan/Mandiant-style anomaly detection at scale.
  • Patina workforce privilege identity sizing (quantification of vaulted secrets).
  • Client/Consulting experience where Rust/Go terraformed toolchains help grow 4-digit annual revenues.

Why This Role?

You’ll design platforms at the very front end of AI maturity, merging high-finance governance with emerging AI threat surfaces. Shape how firms safeguard data without suffocating clever delegation — this is a divorce of core value from grass-fire risks. Shipping will focus as much on next-gen delegation as on internal reviews.


[More disposable notes: Expect significant interaction with quant/fixed-income clients.]

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Security Architecture
Platform Engineering
OIDC
OAuth2
JWT
HashiCorp Vault
Keycloak
Terraform
Active Directory
Anomaly Detection
SIEM Integration
Data Governance
AI Technologies
Consulting
Risk Management
Credential Issuance

Location

London, England, United Kingdom

Sign up to applySee more jobs like this