Technical Architect (MFA & Access Controls)
Role details
Job location
Tech stack
Job description
Methods is seeking an experienced MFA Architect / Lead to support a critical cyber security programme aligned to DSPT and NCSC CAF frameworks. This role will focus on designing, implementing, and governing Multi-Factor Authentication (MFA) controls across a complex estate of cloud and on-premise systems, ensuring risk reduction and audit readiness across critical services.
Discovery & Assessment
- Identify and catalogue critical systems lacking MFA coverage
- Map users, access routes, and authentication flows across hybrid environments
- Assess feasibility of MFA implementation across legacy and modern platforms
️ MFA Design & Control Definition
- Design MFA controls across cloud and on-premise systems (e.g. Azure AD, Okta, Duo)
- Define compensating controls for systems where MFA cannot be implemented
- Collaborate with technical and business stakeholders to agree risk-based approaches
️ Architecture & Process Design
- Define MFA architecture, integration patterns, and authentication flows
- Design user enrolment, lifecycle management, and exception handling processes
- Produce clear, auditable documentation aligned to DSPT/CAF expectations
Implementation & Assurance
- Oversee rollout of MFA across in-scope systems and users
- Ensure supporting policies, configurations, and controls are in place
- Provide evidence of implementation, including logs, test results, and audit artefacts
Governance & Continuous Improvement
- Establish ongoing review and assurance processes for MFA controls
- Support senior stakeholder engagement and approval (CDO / programme level)
- Drive continuous improvement aligned to evolving risk and compliance requirements
Requirements
- Strong experience delivering enterprise MFA solutions across hybrid estates
- Deep knowledge of identity and access management (IAM) principles
- Hands-on experience with tools such as Azure AD / Entra ID, Okta, Duo, Ping
- Experience designing compensating controls for legacy systems
- Strong understanding of DSPT, NCSC CAF, ISO 27001 or similar frameworks
- Experience producing audit-ready documentation and assurance evidence
- Ability to engage both technical and senior business stakeholders, * Experience within UK Public Sector / Healthcare environments
- Familiarity with Privileged Access Management (PAM) solutions
- Knowledge of Zero Trust architectures
Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy.
Benefits & conditions
- Autonomy to develop and grow your skills and experience
- Be part of exciting project work that is making a difference in society
- Strong, inspiring and thought-provoking leadership
- A supportive and collaborative environment
Development - access to LinkedIn Learning, a management development programme, and training
Wellness - 24/7 confidential employee assistance programme
Flexible Working - including home working and part time
Social - office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes
Time Off - 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year
Volunteering - 2 paid days per year to volunteer in our local communities or within a charity organisation
