Identity and Access Management Specialist
My client creates innovative technical solutions and support services to enable the delivery of essential world-leading science to customers globally, using cutting edge technology.
The Access Management team, has the responsibility for managing access to a diverse and challenging estate with systems and services located around the world and on cloud platforms.
We are looking for an engineer, skilled in cloud technologies, to complement the existing team. This role will be very much be a leading role within the team, delivering best practice solutions and reference architecture, providing technology assurance and developing innovative solutions to complex auth and authorization use cases.
This is an exciting opportunity to work in a highly technical area within a dynamic team, delivering development and support services, essential to the future success of the business
Job Purpose – Summarise what this job needs to achieve in a single sentence
The job holder will help to build and improve existing solutions in support of robust automated identity and access management systems for our on-premise, SaaS and cloud-based services.
Job Responsibilities – Example layout below; put in priority order, start with the most important
- Help build Identity and Access management solutions that supports the adoption of cloud and hybrid cloud services that is in line with our vision of: “Provide a unified approach to protecting data and services with an Identity and Access Management service that is manageable, scalable, and easy to use”
- Establish common reusable IT services and patterns for Access Management for both internal and external customers.
- Support the automation of both the customer and employee access management journeys including the automation of access controls and identity governance.
- Contribute to the continuous improvement and development of the Corporate Identity and Access Management DevOPS team and the services they provide.
- Using proven industry knowledge and experience with Identity and Access Management to set future technical direction for both the Identity and Access management team and the Met Office development community.
Qualifications, Skills & Abilities
Essential Criteria describe what the candidate must have and be able to do, in priority order. Each criterion should describe just one distinct skill necessary for effective performance.
Significant industry experience in building and maintaining access management systems for customer, employees, and B2B with Active Directory, Azure Active Directory and the Azure B2C identity experience framework (IEF policies).
Knowledge of best practices in managing Identity and Access management systems and processes with experience of developing against identity stores by providing strong authentication and authorization services including Role Based Access (RBAC)
Experience of working and creating front end authentication services on multiple cloud platforms. Ideally with AWS & Azure in combination with API gateways and edge authentication services.
Deep understanding of authentication protocols such as SAML OpenID, Oauth, LDAP. With the ability to lead workshops to independently sequence the differing authentication flows.
Evidence of an organised and structured approach to work with an ability to communicate to stakeholder at all levels.
Driven to continuously improve – Has the enthusiasm and experience to push the boundaries of technology with innovative solutions.
Desirable Criteria (and ideally the candidate would also have . . . )
Experience in building and maintaining access management systems with non-Microsoft technologies such as FreeIPA, OpenAM, AWS Cognito or other OpenID connect, Oauth or SAML services providers.
AWS code pipeline and CI/CD
Integration with ServiceNow workflows to support approval processes and JML
Implementing monitoring solutions / frameworks using with Azure monitor and SIEM tools.
Additional Supplementary Information (e.g. preferred location, development opportunities)
This is a temporary role will be in the Access Management team in I&O