Identity and Access Engineer

IT Services at the University of Sheffield deliver a full variety of complex IT and technology-enabled services that support education, research, workplace, corporate services and infrastructure enablers to all staff and students. The department delivers enterprise-wide products and services in line with strategic aims across the University, with stakeholders and key partners. Providing access for over 60,000 users across students, staff and external partners, this role is critical in ensuring a seamless experience is developed and maintained for all users.

• Build, support, document and maintain scripts for authentication and/or amendment to accounts
• Maintain and support the account provisioning systems and associated technologies using a variety of technologies such as Perl, Python, .Net and Bash
• Develop new features and improvements
• Work in collaboration with a wide range of diverse teams to successfully implement and maintain authentication systems
• Help support, manage and develop our in-house account management system, Active Directory, Azure AD (Entra ID), LDAP and related services
• Conduct regular audits to identify potential vulnerabilities and implement vital security measures
• Provide technical support and guidance to end-users, resolving authentication-related issues as appropriate
• Implement processes to allow for better collaborative development of the authentication system such as version control, automated deployment and automated testing
• Develop and maintain application hosting with standard methodology, particularly in relation to security, resilience and performance
• Act as a technical point of contact in areas of expertise with other colleagues and departments
• Keep up to date with new technologies and improve existing skills using all available resources
• As a member of our Professional staff, demonstrate a commitment to the professional behaviours set out in the Sheffield Professional Framework
• Carry out other duties commensurate with the grade and remit of the post

Our diverse community of staff and students recognises the unique abilities, backgrounds and beliefs of all. We foster a culture where everyone feels they belong and are respected. Even if your past experience doesn't match perfectly with this role's criteria, your contribution is valuable, and we encourage you to apply. Please ensure that you reference the application criteria in your statement when you apply.

• Essential: Good honours degree in a related subject area or equivalent qualifications (or equivalent experience)
• Essential: Experience working with Active Directory, LDAP in a large complex environment
• Essential: Proven expertise in designing and implementing account management and authentication systems and solutions
• Essential: Strong knowledge of industry-standard authentication protocols and technologies
• Essential: Understanding of fundamental security principles and recommended approaches
• Essential: Excellent problem solving skills with the ability to apply a pragmatic approach to a problem
• Essential: Manage own time when working on several projects simultaneously, with an ability to prioritise and complete urgent fixes as they occur
• Essential: Excellent written and verbal communication skills with the ability to influence and persuade and the ability to build internal and external networks
• Essential: Experience working in collaborative environments using scripting languages such as Perl, Python, Bash and .Net on developments using relevant tools such as GIT, Docker etc
• Desirable: Technical Professional Registration or the willingness to work towards it

• A minimum of 41 days annual leave including bank holiday and closure days (pro rata) with the ability to purchase more.
• Flexible working opportunities, including hybrid working for some roles.
• Generous pension scheme.
• A wide range of discounts and rewards on shopping, eating out and travel.
• A variety of staff networks, providing opportunities for social interaction, peer support and personal development (for example, Race Equality, LGBT+, Women's and Parent networks).
• Recognition awards to reward staff who go above and beyond in their role.
• A commitment to your development with access to learning and mentoring schemes; integrated with our Academic Career Pathways and Professional Services Shared Skills Framework.
• Family friendly policies: paid time off for parenting and caring emergencies, access to menopause support in the workplace, paid time off and support for fertility treatment and more.

Grade: 7
Line manager: Identity and Access Manager
Direct reports: None

Criminal record: A basic DBS check will be needed for this role. Possession of a criminal record is not an automatic bar to employment at the University of Sheffield. More information can be found on our information for candidates page.