Senior Infrastructure Engineer (Identity & Access Management)

Senior Infrastructure Engineer (Identity & Access Management)
Location: National*
Closing Date: 9th May
Interviews: W/C 19th May (subject to change)
Grade: G7
(MoJ candidates who are on a specialist grade, will be able to retain this grade on lateral transfer)
Salary: London: £61201 - £73875 (which may include an allowance of up to £12674). National: £56532 - £69150 (which may include an allowance of up to £12618).
Working pattern: Full-time, part-time, flexible working, job share.
Contract Type: Permanent.
*We offer a hybrid working model, allowing for a balance between remote work and time spent in your local office. Office locations can be found ON THIS MAP.
The Role

We're recruiting for a Senior Infrastructure Engineer (Identity and Access Management) here at Justice Digital, to be part of our warm and collaborative End User Compute Services (EUCS) team.

This role aligns against Senior Infrastructure Engineer from the Government Digital and Data Framework.

You will be responsible for development activities across our product: IAM.

These are exciting times at Justice Digital. We have a clear vision - to develop a digitally enabled justice system that works simply for its users - and we're looking for enthusiastic, talented people to help us achieve it.

We're making things better by building adaptable, effective services and making systems that are simple to use for staff and citizens. It can be challenging but it's also important and rewarding.

As well as doing interesting work, we're creating an environment that's great to work in. We provide the opportunity to work with the latest technologies and offer brilliant training opportunities alongside support from expert colleagues. On top of that, you'll find flexible working, an inclusive culture, and a place where your opinion is valued.

To help picture your life at MoJ Justice Digital please take a look at our blog and our Digital and Technology strategy 2025.
Key Responsibilities:

• Develop and execute a strategic roadmap for the organization's IAM program.
• Align IAM initiatives with overall business objectives and security goals.
• Provide leadership and mentorship to junior IAM engineers and team members.
• Collaborate with cross-functional teams to drive IAM initiatives across the organization.
• Design and oversee the implementation of IAM architectures that meet current and future business needs.
• Evaluate emerging technologies and recommend their adoption based on business value and security considerations.
• Develop and update IAM policies, standards, and procedures.
• Ensure that IAM practices align with regulatory requirements and industry best practices.
• Assess IAM-related risks and develop strategies to mitigate them.
• Collaborate with the risk management team to integrate IAM into the organization's overall risk management framework.
• Lead incident response efforts related to IAM incidents.
• Conduct post-incident reviews and implement improvements to prevent future incidents.
• Ensure IAM solutions comply with industry regulations and standards.
• Collaborate with auditors to address IAM-related audit findings and implement corrective actions.
• Evaluate and manage relationships with IAM solution vendors.
• Stay informed about industry trends and assess the potential impact on the organization.
• Implement automation solutions to streamline IAM processes and improve efficiency.
• Optimize IAM systems for performance, scalability, and resource utilization.
• Lead IAM projects, coordinating with stakeholders, managing timelines, and ensuring successful project delivery.
• Provide project status updates to senior leadership.
• Collaborate with the IT security team to align IAM practices with broader security initiatives.
• Contribute to the development and execution of the organization's security strategy.
• Develop and deliver training programs for the IT team, end-users, and other relevant stakeholders.
• Foster a culture of security awareness within the organization.
• Continuously assess the effectiveness of IAM solutions and processes.
• Identify opportunities for improvement and lead initiatives to enhance the organization's IAM posture.
• Communicate effectively with senior leadership, translating technical concepts into business terms.
• Provide regular updates on IAM initiatives, challenges, and achievements.
• Provide level 3 support when necessary and act as a point of escalation for more serious problems.
• Share knowledge of tools and techniques with the wider team and community, both developers and non-developers, while also maintaining a collaboration culture.

If this feels like an exciting challenge, something you are enthusiastic about, and want to join our team please read on and apply!
Benefits

• 37 hours per week and flexible working options including working from home, working part-time, job sharing, or working compressed hours.
• A £1k per person learning budget is in place to support all our people, with access to best in class conferences and seminars, accreditation with professional bodies, fully funded vocational programmes and e-learning platforms.
• Staff have 10% time to dedicate to develop & grow.
• Generous civil service pension based on defined benefit scheme, with employer contributions of 28.97% from April 1st 2024 (Contribution Rates).
• 25 days leave (plus bank holidays) and 1 privilege day usually taken around the Kings' birthday. 5 additional days of leave once you have reached 5 years of service.
• Compassionate maternity, adoption, and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!
• Wellbeing support including access to the Calm app.
• Bike loans up to £2500 and secure bike parking (subject to availability and location).
• Season ticket loans, childcare vouchers and eye-care vouchers.
• 5 days volunteering paid leave.
• Free membership to BCS, the Chartered Institute for IT.
• Some offices may have a subsidised onsite Gym.

• Experience with information security concepts such as modern authentication and access control.
• Experience in setting up automations or CI/CD using one of the following tools Azure DevOps, Azure Logic App or Azure Automation, Webhook, ServiceNow.
• Experience in working with and implementing technical solutions for IAM security, including authentication, single-sign-on (enterprise and web/ cloud), and access and entitlement management (including privileged access/ identity management).
• Experience using identity systems in the cloud, specifically in Azure B2B & B2C.
• Comprehensive knowledge and experience with authentication standards and technologies such as multi factor authentication, JSON Web Token (JWT), OpenID, OAuth, SAML, SCIM, etc.
• Experience in one of IAM solutions such as PKI.
• Experience in managing Identity & Access Management processes (user provisioning, account creation and management).
• Experience in using scripting tools (Bash or PowerShell). Experience in Kusto Query Language (KQL). Good understanding of REST API's and JSON. Experience with cloud directory such as Entra ID.
• Have a systematic approach to problem solving.
• Excellent written and verbal communication skills.
• Good debugging, problem-solving and analytical skills. Work collaboratively and independently to provide solutions to complicated problems.
• Have experience working in an Agile, fast-paced working environment.

Willingness to be assessed against the requirements for SC clearance.

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.
How to Apply

Candidates must submit a CV and statement of suitability (of no more than 750 words) via our applicant website Jobtrain, which describes how you meet the requirements set out in the Person Specification above. Candidates who do not submit both a CV and a separate statement of suitability will not be invited to attend an interview.

In Justice Digital, we recruit using a combination of the Government Digital and Data Profession Capability and Success Profiles Frameworks. We will assess your Experience, Technical Skills and the following Behaviours during the assessment process:

• Working together
• Delivering at pace
• Managing a quality service
• Changing and improving

A diverse panel will review your application against the Person Specification above.

Successful candidates who meet the required standard will then be invited to a 1-hour panel interview held via video conference.

Should we receive a high volume of applications, a pre-sift based on the following criteria will be conducted before the sift -

• Experience in managing Identity & Access Management processes (user provisioning, account creation and management).
• Have experience working in an Agile, fast-paced working environment.

Should you be unsuccessful in the role that you have applied for but demonstrate the capability for a role at a lower level, we reserve the right to discuss this opportunity with you and offer you the position without needing a further application.

A reserve list may be held for up to 12 months, from which further appointments may be made.
Terms & Conditions

Please review our Terms & Conditions which set out how we recruit and provide further information related to the role and salary arrangements.

If you have any questions, please feel free to contact recruitment@digital.justice.gov.uk