The closing date for this job has now passed.

Vacancy reference: 2877
Salary: National £56,532-£73,450 which may include an allowance of up to £16,918 London £61,201-£78,225 which may include an allowance of up to £17,024
Closing date: 24/02/2025
Department: Technology Services
Location: National
Employment type: Permanent

Job Description

Lead Infrastructure Engineer

Location: National*


Closing Date: Monday 24th February

Interviews: w/c 10th March


Grade: G7

(MoJ candidates who are on a specialist grade, will be able to retain this grade on lateral transfer)


Salary: National: £56,532- £73,450 (which may include an allowance of up to £16,918). London: £61,201- £78,225 (which may include an allowance of up to £17,024).


Please note, you will be required to take part in an on-call rota, sharing the responsibility of providing out of hours engineering cover for major incidents for which an additional allowance is payable.


Working pattern: Full-time, Part-time, Flexible working.

Contract Type: Permanent


Vacancy number: 2877


*We offer a hybrid working model, allowing for a balance between remote work and time spent in your local office. Office locations can be found ON THIS MAP

The Role

We’re recruiting for a Lead Infrastructure (IAM) Engineer within the Identity & Access Management Team here at Justice Digital, to be part of our warm and collaborative End User Compute Services (EUCS) team.


This role aligns against Lead Infrastructure Engineer from the Government Digital and Data Framework.


The EUCS Team design, deliver and support the core infrastructure and systems that enable End User Compute Services and line of business applications for over 100,000 Ministry of Justice users across over 800 locations.


These are exciting times at Justice Digital. We have a clear vision - to develop a digitally enabled justice system that works simply for its users - and we’re looking for enthusiastic, talented people to help us achieve it.


We’re making things better by building adaptable, effective services and making systems that are simple to use for staff and citizens. It can be challenging but it’s also important and rewarding.


As well as doing interesting work, we’re creating an environment that’s great to work in. We provide the opportunity to work with the latest technologies and offer brilliant training opportunities alongside support from expert colleagues. On top of that, you’ll find flexible working, an inclusive culture, and a place where your opinion is valued.

To help picture your life at MoJ D&T please take a look at our blog and our Digital & Technology strategy.


Please note: We have a number of roles available therefore, if you are not successful in this campaign, you may be offered a lower grade role.

Key Responsibilities:


  • Lead and develop a team of Engineers, instilling best practice and ensuring KPIs are consistently achieved.
  • Develop and execute a strategic roadmap for the organization's IAM program.
  • Align IAM initiatives with overall business objectives and security goals.
  • Provide leadership and mentorship to junior IAM engineers and team members.
  • Collaborate with cross-functional teams to drive IAM initiatives across the organization.
  • Design and oversee the implementation of IAM architectures that meet current and future business needs.
  • Evaluate emerging technologies and recommend their adoption based on business value and security considerations.
  • Develop and update IAM policies, standards, and procedures.
  • Ensure that IAM practices align with regulatory requirements and industry best practices.
  • Assess IAM-related risks and develop strategies to mitigate them.
  • Collaborate with the risk management team to integrate IAM into the organization's overall risk management framework.
  • Lead incident response efforts related to IAM incidents.
  • Conduct post-incident reviews and implement improvements to prevent future incidents.
  • Ensure IAM solutions comply with industry regulations and standards.
  • Collaborate with auditors to address IAM-related audit findings and implement corrective actions.
  • Evaluate and manage relationships with IAM solution vendors.
  • Stay informed about industry trends and assess the potential impact on the organization.
  • Implement automation solutions to streamline IAM processes and improve efficiency.
  • Optimize IAM systems for performance, scalability, and resource utilization.
  • Lead IAM projects, coordinating with stakeholders, managing timelines, and ensuring successful project delivery.
  • Provide project status updates to senior leadership.
  • Collaborate with the IT security team to align IAM practices with broader security initiatives.
  • Contribute to the development and execution of the organization's security strategy.
  • Develop and deliver training programs for the IT team, end-users, and other relevant stakeholders.
  • Foster a culture of security awareness within the organization.
  • Continuously assess the effectiveness of IAM solutions and processes.
  • Identify opportunities for improvement and lead initiatives to enhance the organization's IAM posture.
  • Communicate effectively with senior leadership, translating technical concepts into business terms.
  • Provide regular updates on IAM initiatives, challenges, and achievements.
  • Provide level 3 support when necessary and act as a point of escalation for more serious problems.
  • Share knowledge of tools and techniques with the wider team and community, both developers and non-developers, while also maintaining a collaboration culture.

The Lead Engineer will work collaboratively with:


  • All Service Owners
  • Technical Architecture and Service Operations teams
  • 3rd party Service Managers, Project and Technical leads
  • Senior Operations Managers within the EUC team
  • Key MOJ stakeholders

If this feels like an exciting opportunity, something you are enthusiastic about, and want to join our team please read on and apply!

Benefits

  • 37 hours per week and flexible working options including working from home, working part-time, job sharing, or working compressed hours.
  • A £1k per person learning budget is in place to support all our people, with access to best in class conferences and seminars, accreditation with professional bodies, fully funded vocational programmes and e-learning platforms
  • Staff have 10% time to dedicate to develop & grow
  • Generous civil service pension based on defined benefit scheme, with employer contributions of 28.97% from April 1st 2024 (Contribution Rates)
  • 25 days leave (plus bank holidays) and 1 privilege day usually taken around the Kings’ birthday. 5 additional days of leave once you have reached 5 years of service.
  • Compassionate maternity, adoption, and shared parental leave policies, with up to 26 weeks leave at full pay, 13 weeks with partial pay, and 13 weeks further leave. And maternity support/paternity leave at full pay for 2 weeks, too!
  • Wellbeing support including access to the Calm app.
  • Bike loans up to £2500 and secure bike parking (subject to availability and location)
  • Season ticket loans, childcare vouchers and eye-care vouchers.
  • 5 days volunteering paid leave.
  • Free membership to BCS, the Chartered Institute for IT.
  • Some offices may have a subsidised onsite Gym.

Person Specification


Essential


  • Experience in setting up automations or CI/CD using one of the following toolsAzure DevOps, Azure Logic App or Azure Automation, Webhook, ServiceNow.
  • Experience in working with and implementing technical solutions for IAM security, including authentication, single-sign-on (enterprise and web/ cloud), and access and entitlement management (including privileged access/ user provisioning, account creation and management).
  • Comprehensive knowledge and experience with authentication standards and technologies such as multi factor authentication, JSON Web Token (JWT), OpenID, OAuth, SAML, SCIM, etc.
  • Experience in one of IAM solutions such as PKI.
  • Experience in using scripting tools (including PowerShell).
  • Good understanding of REST API’s and JSON.
  • Experience of cloud active directory such as Entra ID.
  • Working in an Agile, fast-paced working environment and using Agile tools and techniques (Jira, Confluence, Miro).
  • Good understanding of security principles and technologies in the identity and access management domain: RBAC, modern MFA, SSO, Windows Hello for Business, Conditional Access, Self-service password reset (SSPR).
  • Experience in documentation (HLD, LLD, KB Articles).

Willingness to be assessed against the requirements for SC clearance.


The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service D&I Strategy.

How to Apply

Candidates must submit a CV and Personal Statement which describes how you meet the requirements set out in the Person Specification above.


In Justice Digital, we recruit using a combination of the Government Digital and Data Profession Capability and Success Profiles Frameworks. We will assess your Experience and the following Behaviours during the assessment process:

Leadership

Working Together

Developing Self and Others

Changing and Improving

Managing a Quality Service

A diverse panel will review your application against the Person Specification above.


Successful candidates who meet the required standard will then be invited to a 1-hour panel interview held via video conference and will be asked to present on a topic shared one week before the interview.


Should we receive a high volume of applications, a pre-sift based on ‘Experience in working with and implementing technical solutions for IAM security, including authentication, single-sign-on (enterprise and web/ cloud), and access and entitlement management (including privileged access/ user provisioning, account creation and management)’ AND ‘Working in an Agile, fast-paced working environment and using Agile tools and techniques (Jira, Confluence, Miro)‘ will be conducted prior to the sift.


Should you be unsuccessful in the role that you have applied for but demonstrate the capability for a role at a lower level, we reserve the right to discuss this opportunity with you and offer you the position without needing a further application.


A reserve list may be held for up to 12 months, from which further appointments may be made.

Terms & Conditions

Please review our Terms & Conditions which set out how we recruit and provide further information related to the role and salary arrangements.


If you have any questions, please feel free to contact recruitment@digital.justice.gov.uk




Take a look around the company https://www.jobtrain.co.uk/justicedigital
LinkedInClick here to contact us on YouTube