BAT is evolving at pace into a global multi-category business. Our purpose is to create A Better Tomorrow™ by Building a Smokeless World.
To achieve our ambition, we are looking for colleagues who are ready to join us on this journey! Tomorrow can’t wait, let’s shape it together!
British American Tobacco DBS has an exciting opportunity for IAM Solution Architect in Kuala Lumpur, Malaysia
Build and lead identity and access management frameworks aligned with business goals, security strategy, and compliance requirements. Drive automation and optimization of the Joiner-Mover-Leaver (JML) lifecycle management to ensure accuracy, efficiency, and audit readiness. Architect and enhance Saviynt-based IGA capabilities, covering access provisioning, certifications, and governance workflows. Provide technical leadership across hybrid identity environments (Active Directory and Microsoft Entra ID) and deploy modern authentication (SSO, MFA, Conditional Access, password-less) along with secure PKI management. Partners with interdepartmental teams and vendors to integrate applications (SAML, OAuth, OIDC, SCIM), uphold IAM standards, and deliver scalable identity solutions.
Your key responsibilities will include:
- Define and drive the enterprise IAM architecture and strategy, ensuring alignment with business and security objectives
- Lead the design and optimization of Joiner-Mover-Leaver (JML) lifecycle processes, ensuring automation, accuracy, and compliance
- Architect and enhance Identity Governance & Administration (IGA) capabilities using Saviynt, including access requests, certifications, and provisioning workflows
- Provide technical leadership across Active Directory (AD) and Microsoft Entra ID, ensuring secure, scalable, and resilient identity platforms
- Design and implement modern authentication solutions, including SSO, MFA, Conditional Access, and passwordless authentication also Oversee PKI and certificate lifecycle management, ensuring secure implementation and governance
- Lead application integration into the IAM ecosystem, including SAML, OAuth, OIDC, and SCIM-based provisioning
- Establish and enforce IAM standards, policies, and guidelines across the organization and ensure compliance with audit and regulatory requirements (e.g., SOX) and support audit remediation activities
- Collaborate with multi-functional teams (Security, HR, Infrastructure, Application Teams, Vendors) to deliver IAM initiatives and transformations
What are we looking for?
- Proven experience as an IAM Architect / Senior IAM Engineer with strong solution design capabilities
- Deep expertise in IGA, and good to have Saviynt, Microsoft Entra ID (Azure AD), and Active Directory
- Strong understanding of JML lifecycle processes, access governance, and identity lifecycle automation
- Hands-on experience integrating applications using SAML, OAuth, OIDC, and SCIM
- Solid knowledge of PKI, authentication technologies, and IAM security guidelines
- Experience working in hybrid identity environments (on-prem and cloud) and should good understanding of risk, compliance, and audit requirements (SOX, ITGC)
- Strong collaborator management skills with the ability to translate business needs into technical solutions
- Experience working in global environments and managing vendor partners with a proactive, can-do attitude and the ability to drive IAM transformation initiatives
What we offer you?
- We offer a market leading annual performance bonus (subject to eligibility)
- Our range of benefits varies by country and includes diverse health plans, initiatives for work-life balance, transportation support, and a flexible holiday plan with additional incentives
- Your journey with us isn't limited by boundaries; it's propelled by your aspirations. Join us at BAT and become a part of an environment that thrives on internal advancement, where your career progression isn't just a statement – it's a reality we're eager to build together. Seize the opportunity and own your development; your next chapter starts here.
- You'll have access to online learning platforms and personalized growth programs to nurture your leadership skills
- We prioritise continuous improvement within a transformative environment, preparing for ongoing changes
WHY JOIN BAT?
We’re one of the few companies named as a Global Top Employer by the Top Employers Institute – certified in offering excellent employee conditions.
Collaboration, inclusion and partnership underpin everything we do here at BAT. We are looking forward to enabling every individual to thrive, regardless of gender, sexual orientation, marital or civil partnership status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability, age, skills, experience, education, socio-economic and professional background, veteran status, perspectives and thinking styles. We know that embracing talent from all backgrounds is what makes us stronger and best prepared to meet our business goals.
We see the career breaks as opportunities not obstacles. Through The Global Returners program, we support professionals looking to restart their careers after an extended absence from the workforce (e.g. time out caring for family, parental leave, national service, sabbatical and/or starting an own venture).
Come bring your difference and see what is possible for you at BAT. Learn more about our culture and our award winning employee experience here.
If you require any reasonable adjustments or accommodations to help you perform at your best during the recruitment process, you are encouraged to notify us. We are fully committed to support you by making appropriate arrangements for you to demonstrate your full potential.
