Overview
As an Identity and Access Engineer at the University of Sheffield, you will play a vital role in ensuring the smooth operation and development of our in‑house developed account management system, Active Directory and Azure AD (Entra ID) authentication systems, and related technologies such as SSO, DUO MFA, and PAM. Your expertise and proven track record will maintain high standards and support the security of our digital infrastructure. This role is critical for providing access for over 60,000 users across students, staff, and external partners.
Responsibilities
* Build, support, document and maintain scripts for authentication and/or amendment to accounts
* Maintain and support the account provisioning systems and associated technologies using a variety of technologies such as Perl, Python, .NET and Bash
* Develop new features and improvements
* Work in collaboration with a wide range of diverse teams to successfully implement and maintain authentication systems
* Help support, manage and develop our in‑house developed account management system, Active Directory, Azure AD (Entra ID), LDAP and related services
* Conduct regular audits to identify potential vulnerabilities and implement vital security measures
* Provide technical support and guidance to end‑users, resolving authentication‑related issues as appropriate
* Implement processes to allow for better collaborative development of the authentication system, for example version control, automated deployment, automated testing
* Develop and maintain application hosting with standard methodology, particularly in relation to security, resilience and performance
* Act as a technical point of contact in areas of expertise with other colleagues and departments
* Keep up to date with new technologies and improve existing skills using all available resources
* Carry out other duties commensurate with the grade and remit of the post
Qualifications
Essential requirements:
* Good honours degree in a related subject area or equivalent qualifications (or equivalent experience)
* Experience working with Active Directory and LDAP in a large complex environment
* Proven expertise in designing and implementing account management and authentication systems and solutions
* Strong knowledge of industry‑standard authentication protocols and technologies
* Understanding of fundamental security principles and recommended approaches
* Excellent problem‑solving skills with the ability to apply a pragmatic approach to a problem
* Ability to manage own time when working on several projects simultaneously, with an ability to prioritise and complete urgent fixes as they occur
* Excellent written and verbal communication skills, with the ability to influence and persuade and to build internal and external networks
* Experience working in collaborative environments using scripting languages such as Perl, Python, Bash and .NET, and relevant tools such as GIT and Docker
* Technical Professional Registration or a willingness to work towards it
Desirable: none specified.
Job Details
Grade: 7
Line manager: Identity and Access Manager
Direct reports: None
#J-18808-Ljbffr