Internal Only – Engineer (Access Management)

Cardiff University


This post is currently open to employees of Cardiff University only.  Please do not apply if you do not have a current contract of employment with the University.

Internal Only – Engineer (Access Management)

Working within the Access Management team, the role will be responsible for contributing to the development and support of the Authentication and Authorisation Infrastructure and integrations used throughout the University.

The role holder will be expected to:
•    Contribute to the design & implementation of new authentication infrastructure & integration, in addition to uplifting, implementing, and decommissioning existing implementations.
•    Contribute to and work with the infrastructure/architecture/security/business standards that under ping the Access Management infrastructure and integrations.
•    Assist in troubleshooting issues with existing integrations from both an end user and technical service point of view.
•    Assist in the performing of pro-active maintenance of SaaS and Infrastructure components underpinning Access Management.

We want to make Cardiff University an institution that is respected the world over. Our vision is to be a world-leading, research-excellent, educationally outstanding university, driven by creativity and curiosity, which fulfils its social, cultural and economic obligations to Cardiff, Wales, the UK and the world. We expect to improve our standing as one of the top 100 universities in the world and the top 20 in the UK. 

This is a developmental role which will facilitate hands on experience with enterprise level Identity and Access Management solutions, with an aim of growing the successful candidate to eventually take responsibility for providing secure solutions for a wide variety of requirements.

The successful candidate will be provided with access to mentoring and training within the field in Access Management.  Covering an understanding of strategy, current and developing technologies/systems, along with working practices within an enterprise ITIL focussed department.   The candidate can expect to be involved within an area, which facilitates changes that affect the whole University.

You are expected to have familiarity of the running and maintenance of shared IT resources – preferably Linux or Windows server based – and understand how the availability of these resources can be maintained to agreed service levels.

Good experience of troubleshooting issues across heterogenous IT systems is expected, along with the ability to independently learn on the fly.

You would have an understanding, or interest, in the concepts of federated and non-federated authentication. 

Familiarity of directory services or shared databases is preferable, along with command line shell and/or programming languages to obtain and manipulate data.

A basic working knowledge of Information and Cyber security concepts is critical.

You will be a self-motivator with a desire to work more independently, who is able to develop their technical skills through a combination of coached and independent learning.

The role will require you to prioritise and manage your workload effectively and respond promptly to new requirements where necessary.  It will provide the right candidate with opportunities to develop new skills and to focus on specialist areas.

What we offer 
Cardiff University can offer many attractive benefits to its employees, including a competitive salary, 37 days annual leave per annum and a generous pension scheme. More information on what we can offer can be found at 

This is a full time post, fixed term for 18 months.

Salary: £39,347 – £44,263 per annum (Grade 6) 

Closing date: Friday, 8 September 2023

External applications are currently not being considered for this post.  If the decision is made to open the post to external candidates, the strapline at the top will be removed and you will be given ample time to apply – please check back periodically for details.

Please be aware that Cardiff University reserves the right to close this vacancy early should sufficient applications be received.

Cardiff University is committed to supporting and promoting equality and diversity and to creating an inclusive working environment. We believe this can be achieved through attracting, developing, and retaining a diverse range of staff from many different backgrounds.  We therefore welcome applicants from all sections of the community regardless of sex, ethnicity, disability, sexual orientation, trans identity, relationship status, religion or belief, caring responsibilities, or age.  In supporting our employees to achieve a balance between their work and their personal lives, we will also consider proposals for flexible working or job share arrangements.

Job Description

You will be required to:
• Contribute to a centre of expertise within the organisation, taking responsibility for the development and maintenance of technical systems, covering all aspects of the systems lifecycle including investigation, analysis, specification, design, building, testing, operation, maintenance, upgrade, migration and obsolescence.
• Develop and maintain one-to-one, or one-to-many, Identity and Access Management integrations required by the University internally and externally.
• Take responsibility for aspects of the specification and design of technology utilised within the organisation, including recommendations for improving technology operations and cost-effectiveness.
• Produce and maintain technology design policies, philosophies and criteria covering connectivity, capacity, interfacing, security, resilience, recovery, access and remote access using industry standards, methods and tools.
• Suggest design enhancements, capacity changes, contingency and system recovery arrangements as required, enabling design targets to be met and ensuring that the technology provided meets service level targets within the organisation’s planned budget.
• Review technology costs against planned budgets, taking into account public tariffs and new technology developments; liaise with technology suppliers of equipment, software and services, evaluating proposals and approving changes to technology design where appropriate.
• Contribute to technical requirements, tender and proposal documents and participate in reviews and evaluations of responses for the selection of appropriate suppliers, services and contracts.
• Work with colleagues to monitor, optimise and report on the operational performance and stability of technology systems using commercial and open source tools; and identify where further development may be needed.
• Take responsibility for resolving problems and issues independently, using judgement and creativity to suggest the most appropriate course of action, and ensuring that the impact of complex and conceptual issues and solutions are understood by all parties.
• Contribute to the development of standards to allow staff within the role’s technical domain to carry out all tasks and procedures efficiently and effectively to meet agreed levels of service or specific requirements of Service or Operational Level Agreements.
• Gather and record service level information and produce statistics for use in measuring key performance indicators (KPIs), and ensure that required targets are met.
• Work within matrix-teams of staff across University IT to deliver enhanced technology solutions to the University, providing advice and guidance to analysts, designers, and less experienced colleagues where necessary.
• Consult with and advise Project Managers to help them plan, prioritise and set project milestones to ensure that resources are appropriately deployed in order to meet deadlines.
• Lead or participate in projects as appropriate, managing the operation of project teams, planning and organising work and monitoring progress.

Person Specification

Essential Criteria

1.    Excellent interpersonal and communication skills, both written and verbal.
2.    Good organisational skills with the ability to work flexibly to prioritise successfully under pressure.
3.    Demonstrable knowledge and experience in problem, error and knowledge management analysis, resolution and delivery techniques
4.    Able to document complex technical solutions in a logical and clear framework that can be readily understood by others.
5.    Excellent and proven relationship management skills with experience of managing the requirements of stakeholders
6.    Demonstrable experience of utilising toolsets for monitoring, auditing and reviewing service support performance.
7.    Proven ability to shape developments through active participation within  teams and groups.
8.    Demonstrable experience of Linux or Windows Server based environments, within the context of at least one of the following.
a.    Command Line shell scripting,
b.    fault finding/maintenance,
c.    programming languages to obtain and manipulate data.

9.    A good understanding of Information Security along with a basic understanding and interest in authentication.
10.    Demonstrable evidence of initiative-taking and independent working in recent work experience, coupled with evidence of ability to acquire new technology skillsets.

Desirable Criteria

1.    Direct experience with AzureAD, Active Directory or eDirectory
2.    An understanding of the concepts of Multi Factor Authentication
3.    A degree or equivalent experience / professional qualifications
4.    Welsh Language Skills

Additional Information

You will also be required to:
Establish relationships with key contacts to ensure role objectives are met, developing appropriate communication links with internal and external stakeholders as required.
• You will have or be prepared to develop an appropriate knowledge/skill level in the current technologies in use and to develop an appropriate knowledge/skill level in any new technologies that are introduced.
• Carry out some duties associated with a more senior role for developmental purposes or for a more junior role for operational reasons
• To ensure compliance with legal and regulatory requirements in respect of equality and diversity, data protection, copyright and licensing, security, financial and other University policies, procedures and codes as appropriate.
• To take reasonable care for the health and safety of yourself and of other persons who may be affected by your acts or omissions at work in accordance with the Health and Safety at Work Act 1974, EC directives and the University’s Safety, Health and Environment Policies and procedures and to cooperate with the University on any legal duties placed on it as the employer.
• You may also be asked to perform other duties occasionally which are not included above, but which will be consistent with the role. 

Where the role requires staff management and leadership the following responsibilities will also apply:
•    Be ultimately responsible for development and pastoral care and welfare of the staff under your line-management including objective setting, appraisal, performance review and training. Be a point of escalation for welfare issues including dealing with matters where there are no set guidelines or procedures.
•    Ensure that staff for whom you are responsible operate within appropriate risk assessments and operating procedures and are compliant with all University procedures and policies. 

Current technologies:
•    AzureAD
•    Shibboleth
•    Active Directory
•    eDirectory
•    NetIQ Identity Manager
•    Azure Active Directory Sync
•    ADFS
•    Application load balancing and high availability
•    NetIQ Access Manager
•    Linux (SLES, CentOS)
•    Windows Server 201x
•    SAML, Oauth/OIDC, LDAP

Job Category

Information Technology

View or Apply
To help us track our recruitment effort, please indicate in your cover/motivation letter where ( you saw this job posting.

Job Location