About the job

Job summary

This position is based nationally

Job description

We encourage applications from people from all backgrounds and aim to have a workforce that represents the wider society that we serve. We pride ourselves on being an employer of choice. We champion diversity, inclusion and wellbeing and aim to create a workplace where everyone feels valued and a sense of belonging. To find out more about how we do this visit: https://www.gov.uk/government/organisations/ministry-of-justice/about/equality-and-diversity.

Senior Identity Access Management (IAM) Engineer

Location: National* 

Closing Date: 6th March

Interviews week commencing:18th March

Grade: G7 

Salary: National: £54358 - £69150 (which may include an allowance of up to £14792) London: £58847 - £73875 (which may include an allowance of up to £15028)     

Working pattern: Full-time, part-time, job share, flexible working.

Vacancy number: 84705

*We offer a hybrid working model, allowing for a balance between remote work and time spent in your local office. Office locations can be found ON THIS MAP

The Role 

We’re recruiting for a Senior Identity Access & Management (IAM) Engineer here at here at Justice Digital, to be part of our warm and collaborative MoJ End User Compute (EUC) Identity & Access Management Team.

You will develop and execute a strategic roadmap for the organization's IAM program and collaborate with cross-functional teams to drive IAM initiatives across the organization. You will work on projects incorporating authentication, single-sign-on (enterprise and web/ cloud), and access and entitlement management (including privileged access/ identity management).

These are exciting times at Justice Digital. We have a clear vision - to develop a digitally enabled justice system that works simply for its users - and we’re looking for enthusiastic, talented people to help us achieve it. 

We’re making things better by building adaptable, effective services and making systems that are simple to use for staff and citizens. It can be challenging but it’s also important and rewarding. 

As well as doing interesting work, we’re creating an environment that’s great to work in. We provide the opportunity to work with the latest technologies and offer brilliant training opportunities alongside support from expert colleagues. On top of that, you’ll find flexible working, an inclusive culture, and a place where your opinion is valued. 

To help picture your life at MoJ Justice Digital please take a look at our blog and our Digital and Technology strategy 2025

Key Responsibilities:

As a Senior IAM Engineer in EUCs, you will:

• Develop and execute a strategic roadmap for the organization's IAM program.

• Design, build and maintain IAM architectures that meet current and future business needs.

• Provide leadership and mentorship to junior IAM engineers and team members.

• Evaluate emerging technologies and recommend their adoption based on business value and security considerations.

• Share knowledge of tools and techniques with the wider team and community, both developers and non-developers, while also maintaining a collaboration culture.

• Develop and update IAM policies, standards, and procedures.

• Collaborate with the risk management, audit and security functions on IAM matters.

• Evaluate and manage relationships with IAM solution vendors and the wider industry.

• Foster a culture of security awareness within the organization.

• Communicate effectively with senior leadership, translating technical concepts into business terms.

• Provide level 3 support when necessary and act as a point of escalation for more serious problems.

If this feels like an exciting challenge, something you are enthusiastic about, and want to join our team please read on and apply!

Person Specification:

Essential

• Subject matter expert knowledge and experience with on-premises and cloud IAM technologies including Microsoft Entra ID, B2B and B2C.

• Experience with authentication standards and technologies such as multi-factor authentication, PKI, JSON Web Token (JWT), OpenID, OAuth, SAML, SCIM, etc.

• Experience in setting up automation or CI/CD using one of the following tools Azure DevOps, Azure Logic App or Azure Automation, Webhook, ServiceNow

• Excellent collaboration and partnership skills, with a proven ability to work as part of a wider technical team (including engineers, architects, auditors etc.)

• Identity & Access Management process management (user provisioning, account creation and management).

• Work collaboratively and independently to provide solutions to complicated problems.

• Develop and maintain an understanding of technical IAM changes by working with suppliers, regulations and industry standards.

• Good debugging, problem-solving and analytical skills

• Good understanding of security principles and technologies in the identity and access management domain: RBAC, modern MFA, SSO, Windows Hello for Business, Conditional Access, and Self-service password reset (SSPR).

Willingness to be assessed against the requirements for SC Clearance.

We welcome the unique contribution diverse applicants bring and do not discriminate on the basis of culture, ethnicity, race, nationality or national origin, age, sex, gender identity or expression, religion or belief, disability status, sexual orientation, educational or social background or any other factor.  

Our values are Purpose, Humanity Openness and Together. Find out more here about how we celebrate diversity and an inclusive culture in our workplace. 

Person specification

Please refer to attached Job Description

Benefits

Alongside your salary of £54,358, Ministry of Justice contributes £15,165 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

Things you need to know

Selection process details

How to Apply 

At the interview, we will be assessing your technical/specialist skills and experience, testing your ability through relevant assessments and asking you questions about the behaviours we require to be successful in this role.

Throughout the process, we will assess your technical specialist skills and experience on the above requirements. 

Candidates must submit a personal statement (max 750 words) and CV which describe how they meet the following requirements:

• Experience with authentication standards and technologies such as multi factor authentication, PKI, JSON Web Token (JWT), OpenID, OAuth, SAML, SCIM, etc.

• Good debugging, problem-solving and analytical skills

• Good understanding of security principles and technologies in the identity and access management domain: RBAC, modern MFA, SSO, Windows Hello for Business, Conditional Access, Self-service password reset (SSPR).

In Justice Digital, we recruit using a combination of the Government Digital and Data Profession Capability and Success Profiles Frameworks. We will assess your Experience, Technical Skills and the following Behaviours during the assessment process:

• Working together

• Seeing the Big Picture

• Managing a quality service

• Changing and improving

Your application will be reviewed against the Person Specification above by a diverse panel.  

Successful candidates who meet the required standard will then be invited to an interview held via video conference. 

Should we receive a high volume of applications, a pre-sift based on [Pre-Sift Criteria] will be conducted prior to the sift. 

Terms & Conditions 

Please review our Terms & Conditions which set out the way we recruit and provide further information related to the role and salary arrangements. 

If you have any questions please feel free to contact recruitment@digital.justice.gov.uk 

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.