Job Description
Overall purpose of the job
Based within the Identity and Access Management (IDAM) team, the Senior IDAM Engineer is responsible for designing, implementing, testing, and maintaining the IDAM frameworks, systems, and protocols. The role will build and maintain the infrastructure and tools used to manage access to university systems, including both identity provider platforms and identity governance platforms. The post holder will lead the development of IDAM-related services, whilst being an advocate for automation and security.
Key responsibilities, accountabilities and duties
IDAM design and development
* Produces detailed design specifications to form the basis for the construction of IDAM systems, including, for example: physical data flows; user classification; governance frameworks; file layouts; common routines and utilities; program specifications or prototypes; and backup, recovery and restart procedures. Ensures that designs enhance the security of University systems, including both identity provider services and identity governance and administration services.
* Collaborates with key stakeholders both within ITS and the wider University to translate IDAM functional requirements into technical designs. Undertakes impact analysis on major design options and trade-offs. Reviews others' systems designs for IDAM to ensure selection of appropriate technology, efficient use of resources, and integration of multiple systems and technology. Ensures that the system design and protocols balance functional and non-functional requirements. Makes recommendations and assesses and manages associated risks.
* Develops and implements Role-based Access Control (RBAC) policies, models and guidelines that align with University needs and security best practice.
* Reviews and improves the user lifecycle management processes to enhance the user experience.
* Constructs, interprets and executes test plans and test cases to verify successful end-to-end operation of the completed IDAM tools, systems and integrations.
Person Specification
* Extensive knowledge of and experience with IDAM tools and principles (e.g. SSO, federation, MFA, OpenLDAP, Shibboleth, Active Directory, identity lifecycle management, authentication and authorisation systems, RBAC, PAM, risk-based authentication, access reviews, etc.).
* Significant experience with advanced engineering practices (e.g. Azure DevOps) and taking a lead on developing innovative and secure IDAM solutions.
* Demonstrable experience of providing technical understanding on strategic, large/complex security and/or identity and access management projects.
* Knowledge of network security technologies.
* Desirable qualifications: CIMP, CIAM, CIST, CAMS, CDP.
What you will get
* Grade 7 Salary
* 21.6% employer pension contribution
* 29 days annual leave + 4 Christmas closure days
* Hybrid Work (2 days onsite)
* Benefit package on request
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.