Access and Identity Lead

£45k + Bonus

Mid Cornwall

Permanent

Tech, Support

Overview of role

At King’s Service Centre comprehensive support is provided to all IT systems of King’s College London (KCL) in an enterprise environment. They foster enthusiasm for cutting edge solutions to age old problems. You will have the opportunity to work with multiple talented service teams to develop and deliver creative projects.

In a small organization the Authentication Engineer/Lead roles would be a subset of a cyber security officer. However within KCL there are 90k+ users, necessitating a full-time team to keep on top of the day-to-day operations.

Primary responsibilities would be looking after the T0 infrastructure; domain controllers, PKI services, AD Connect, as well as the WSUS that supports them. While this includes standard server maintenance more important is the services themselves. With regard to domain controllers; AD administration and security, group policy management, LDAP service continuity, Sites and Services management. PKI entails the management of certificate services, issuance, templates, and disaster recovery. The hybrid environment relies on password write-back meaning Azure AD Connect is also critical to maintain. Also included are Azure services; privileged account management, RBAC creation, PIM, conditional access etc. As well as university authentication for SaaS solutions that use SSO, setting up and maintaining these federations.

This role is for a lead, meaning there will be an expectation to create documentation, head project design for new services, as well as develop junior talent. Recent projects for the team have delivered include MFA for all users, Azure SSPR access, tiered FGPP for all accounts, and currently working on a path to Passwordless authentication using Windows Hello.

Accountabilities

Key responsibilities:

• Responsible for managing the resolution of incidents and service requests on the Collaboration platform specifically within the Active Directory, Azure Active Directory cloud services and authentication areas.
• Responsible for supporting the delivery of technological change across Active Directory and Azure Active Directory service areas.
• Responsible for assisting with the undertaking of Service Improvements.
• Responsible for identifying opportunities to reduce environmental impact and implementing improvements.
• Responsible for working closely with the other teams within IT to provide an excellent IT Service.
• Responsible for contributing to proposed solutions to ensure they are fit for purpose and provide optimal value for money.
• Responsible for responding to customer improvement activity.
• Responsible for mentoring and managing the workload of 2 -3 Authentication SMEs within the team.

Key objectives:

• To ensure all authentication services are maintained to the correct architectural and technical best practice specifications.
• Be a stakeholder in determining whether a new release, affecting a service in production, is ready for promotion.
• Contribute to the delivery of updates or solutions to the Collaboration environment.
• Possess a detailed understanding for all King’s College London’s Collaboration platforms and the associated infrastructure.
• To operate in line with the College IT Operating Model and Values and to promote these within the Collaboration Team.
• To contribute to the Collaboration service/product roadmap.
• To drive operational excellence across Collaboration Services.
• To produce high quality documentation to enable and promote knowledge sharing across Collaboration services.

Communication & networking:

• Develop and maintain collaborative and inclusive relationships with peers, key College stakeholders, management, and colleagues.
• Utilise effective communication skills to ensure that opportunities for service improvement, issues and impediments to success are clearly understood by Collaboration Platform team members.

Decision making, planning & problem solving:

• To assist with the development and continual improvement of the college Collaboration Platform services.
• Can identify and quickly resolve issues in the Collaboration Platform Services environment.
• Identify and aid the implementation of service improvements for the Collaboration service that optimise costs, resources and service delivered.
• Work with the Collaboration manager to create a forward plan of activities and resources and ensure these are implemented.

Architectural and service delivery:

• Adhere to a best practice Service Management and Architectural framework (ITIL, TOGAF)
• Ensure that user experience and satisfaction is at the forefront of all activities.
• Drive customer satisfaction to over 90% and ensure SLA attainment is consistently above minimum requirements for the Collaboration services.
• Keep abreast of changing trends and market developments of current and future technologies.
• Identify new Collaboration technologies that can provide benefit to the College.

Key skills and experience required

(E) – Essential

(D) – Desirable

• Education to degree standard and/or equivalent qualifications/experience (D)
• Excellent experience of supporting Microsoft Windows Server 2016, Active Directory, AD connect, Azure SSPR, MFA and Azure Active Directory (E)
• Experience of supporting servers hosted in Microsoft Azure (E)
• Experience using PowerShell to configure, manage and maintain systems (E)
• Demonstrable knowledge of Authentication technologies such as Kerberos, SAML and WS-Fed (D)
• Understanding of the least privilege administrative model (E)
• Ability to use tools such as Microsoft Azure Advanced Threat Protection (ATP) to identify and resolve security incidents. (D)
• Experience supporting Microsoft DirectAccess remote connectivity. (D)
• Experience with Active Directory Certificate Services administration (D)
• Knowledge of IT Security protocols, processes, policies, and standards (D)
• ITIL qualification (Foundation Minimum) (D)
• Experienced in working with IT service management, including change, incident, and problem management. (E)
• Experience in operational IT planning and execution. (D)
• Experience of managing small projects. (D)
• Experience and knowledge of supporting technical solutions in a complex, multi-stakeholder environment. (D)
• Good knowledge of industry technical standards. (E)
• Experience of working with ITIL based Service processes and functions including Service Desk and Service Process Managers. (E)
• Proven ability to write technical documentation (Runbooks, How to Guides) (E)
• Proven ability to support a set of complex operational services. (D)
• Well-developed technical skills, with an emphasis on advanced troubleshooting. (E)
• Demonstrated flexibility and positive attitude towards the support of technical services in a fast-paced environment with inherent risks and a number of stakeholders with differing views of success. (E)
• Ability to identify and manage priorities. (E)
• Excellent written and oral communication skills. (E)
• Excellent relationship and interpersonal skills. (E)
• Ability to articulate ideas to both technical and non-technical audience. (E)
• Innovative and proactive approach to work. (E)
• Ability to set and achieve goals for self. (E)
• Ability to communicate effectively with staff at all levels. (E)
• Willingness to update professional knowledge and a commitment to continuous improvement. (E)

Equality, diversity and inclusion

KSC are an inclusive and welcoming employer that encourages a wide range of applicants. They embrace diversity and want everyone to be able to bring their whole selves to work and succeed.

This is in line with KCL.