Job summary
The Department for Education is seeking to recruit IT Infrastructure Engineers to work across multiple endeavours, predominantly in the Microsoft Azure public cloud. We continually seek new & innovative opportunities in our cloud estate for efficiencies, economies of scale and new value to users across established cloud computing platforms to make them better for users, increase value for money and reduce complexity.
Specialist Identity Infrastructure Engineers in the Department for Education design, build, operate and support the organisation’s centrally managed Identity Directory Services that underpin the Department’s Digital services. If you are successful, you will work within DfE’s Cyber and Information Security division as part of a team providing specialist support including the following.
- Identity management and administration. Security, management, governance and automation of DfE’s centrally managed Identity Directory Services, Microsoft Active Directory and Azure Entra. Includes design, build, operate and maintain core Directory Services, ensuring that they remain available, secure, and that they continue to meet requirements.
- Managed infrastructure and securing identity services. Build, operate and maintain cloud and on-premises infrastructure resources for business applications. Back-up and restore, security vulnerability management, capacity management, service optimisation, incident resolution, request fulfilment, service controls, and asset management.
- Service improvement. Develop new, and enhance existing infrastructure services within the identity workspace, managing processes to simplify infrastructure, enhance security, improve reliability & performance, avoid costs, scale & expand, prevent legacy, meet new requirements, or address emerging problem statements.
Job description
As a Senior Infrastructure Engineer specialising in Identity and Access Management, you will work within a team of security specialists and engineers maintaining, building and operating Directory Services solutions as directed and according to policy. You will:
- Provide management, administration, operation and maintenance of Active Directory, Azure Entra and Microsoft Certificate services.
- Manage IDAM related Azure services, such as Enterprise Applications and Identity Protection, advising and troubleshooting services.
- Manage and administer Service Desk queue specific to restricted identity and certificate requests.
- Assist in the development of upgrade plans and paths, future design, working with colleagues across wider DfE family.
- Contribute to business cases for new technology or refresh within Identity and Cryptography, including analysis of existing technologies, development of proposals for change and improvement.
- Undertake management of activities for securing Directory Services, enhancements and system changes including assessment of risks.
- Troubleshoot Directory Services risk assessments, implementing changes to address known risks.
- Liaise with business colleagues on release planning and scheduling of Directory Services integrated solutions, including communication of progress.
- Ensure that post release reviews are conducted.
- Advocate user-centric, agile approaches which focus on rapid, effective delivery of high-quality digital services.
- Work with and support third parties in providing infrastructure services.
- Work with technical and security architects to translate architectural designs into operations.
- Share knowledge of tools and techniques with the wider team and community, growing awareness, inclusivity and balance.
- Take a proactive role in the identification, evaluation and management of appropriate changes to team managed services (including automation).
Security Vetting
If you are successful, you must be prepared to undergo the Security Check (SC) clearance process. Please see the guidance here for further information. Note that there are specific residency and other requirements; please ensure you check these and your potential eligibility before applying.
