Infrastructure Engineer - Identity and Access Management

The proficient Identity team oversees all aspects of internal authentication within the DWP infrastructure. The focus revolves around Active Directory/Entra ID, supplemented by various supporting infrastructure components like DNS, Certificate Services (PKI), Modern Authentication (MFA, WHfB), Entra ID Connect, and Single Sign-On technologies such as ADFS. Additionally, the team provides support for a custom-built Identity Management platform that integrates seamlessly with ServiceNow, along with enterprise security systems such as Active Directory.

As the service proprietors, we bear responsibility for the everyday operational support and the design elements associated with changes/projects. The absence of these services would impede the delivery of essential DWP business functions. We hold ownership of the Identity and Public Key Infrastructure roadmap and are actively pursuing a multi-year plan to enhance the service. This involves ongoing, long-term initiatives, including increased utilisation of cloud services such as Azure/AWS.

Our objective is to deliver a contemporary, dependable, and versatile service that facilitates uncomplicated yet secure access to DWP devices, data and systems, adhering to industry best practices., We are looking for a working level Infrastructure Engineer specialising in Identity management to join our dynamic team. As an Identity Infrastructure engineer, you will play a pivotal role in ensuring integrity, security, and efficiency of DWPs Identity infrastructure., The Civil Service values honesty and integrity and expects all candidates to abide by these principles. Please ensure that all examples provided in your application are taken directly from your own experience and that you describe the examples in your own words. Applications will be screened and if evidence of plagiarism or copying examples/answers from other sources is found, your application will be withdrawn. Internal DWP candidates may also face disciplinary action.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).
People working with government assets must complete baseline personnel security standard (opens in new window) checks.,

• UK nationals


• nationals of the Republic of Ireland


• nationals of Commonwealth countries who have the right to work in the UK


• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)


• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)


• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020


• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
  
  Are you an experienced security focused infrastructure engineer?


Do you enjoy working in a fast-paced environment continually looking to evolve?

Do you want to work with the largest deployment of directory services and hybrid cloud environment?

If so, we are looking for an Infrastructure Engineer to join our dynamic team, responsible for delivering Identity & Digital Encryption services to the DWP user base.

This role requires out of hours support on a paid rota, but this will be on a week on week off basis arranged with the other engineers within the team., The ideal candidate for this role will be able to demonstrate the following essential criteria:

• Experience of working with Active Directory, Entra ID, MFA and SSO technologies


• Experience of onboarding applications to Entra ID eg. Enterprise Applications


• Knowledge in scripting languages for automation eg. PowerShell, Bash, Azure CLI


• Experience of implementing and working with Privileged Access Management systems and RBAC eg. Azure Privileged Identity (PIM) Management or CyberArk PAM


• Knowledge and experience of Windows Server Security, Monitoring and Vulnerability Management


• Background in working within large enterprise settings and multi-supplier environments., You must meet the security requirements before you can be appointed. The level of security needed is security check.
  
  DWP colleagues will have the opportunity to join HASSRA, a vibrant and successful organisation that provides a first-class programme of competitions, activities and benefits for its members (subscription payable monthly). It also has an important part to play in helping us achieve a healthy work-life balance and wellbeing in the workplace.
  
  Annual leave rising up to 30 days, (based on your working pattern).


• Family friendly flexible working arrangements, such as hybrid working, job sharing, term-time working, flexi-time and compressed hours.


• Learning and development tailored to your role this could include industry recognised qualifications, coaching and mentoring.


• An inclusive and diverse environment with opportunities to join staff networks including: Women's Network, National Race Network, National Disability Network (THRIVE) and many more.


This job role may be suitable for hybrid working, which is where an employee works part of the week in their DWP office and part of the week from home. This is a voluntary, non-contractual arrangement and your office will be your contractual place of work. The number of days that anyone will be able to work at home will be determined primarily by business need but personal circumstances and other relevant circumstances will also be taken into account. If you are successful, any opportunities for hybrid working, including whether a hybrid working arrangement is suitable for you, will be discussed with you prior to you taking up your post.

Salary Information

Pay for this role is from £40,201 to £43,347.

The maximum salary for the grade is £43,347, however a Digital Allowance of up to £5,000 per annum is available for exceptional candidates, based on our assessment of your skills and experience.

Our offer to successful candidates will be based on an assessment of your skills and experience as demonstrated at interview.

Existing Civil Servants who secure a new role on lateral transfer should maintain their current salary.

Existing Civil Servants who gain promotion may move to the bottom of the next grade pay scale or 10% increase in salary whichever would be the greater.