Cloud Identity Engineer Full Time

Leeds, Yorkshire
Lloyds Banking Group

Cloud Identity Engineer

Lloyds Banking Group

Location: Leeds; Halifax; Bristol; Manchester; Edinburgh or London

Salary & Benefits

£52,912 to £85,982 base salary, plus annual personal bonus, 15% employer pension contribution (when you put in 6%), 4% flexible cash pot, private medical insurance, 30 days holiday plus bank holidays.

We also offer flexible working hours, agile working practices and regular home working. We aim to ensure you have a good work-life balance and positive mental health.

Who are Lloyds Banking Group?

Lloyds Banking Group is the UK’s leading digital franchise, with over 13 million active online customers across our three main brands – including Lloyds Bank, Halifax and Bank of Scotland – as well as the biggest mobile bank in the country. We’re building the bank of the future, and we need your help.

The Role

Our Cloud Services Security Team is looking for an Identity & Access Management Engineer to work as part of a team of engineers in the Cloud Identity Services team to deliver Identity & Access management tooling, processes and controls across the bank’s Public Cloud Platforms. You’ll work as part of a high performing team who are designing and implementing tooling which meets the bank’s Cloud Control Framework, while also delivering capability and agility for value stream consumers. You’ll be working across both the Cloud Services platform and our existing teams in Security to both implement cloud native tooling and integrate with our Cloud Services tooling and controls, as well as the implementation and integration of leading third-party tooling to improve our identity and access controls and processes (e.g., Sailpoint, Saviynt, PING).

What you’d get involved with:

Delivery of Native Identity & Access Management Tooling and automation, providing identity and access management capability which serves our customers need, while aligning to our control obligations. Key native capabilities include:

Build and maintenance of automated DevOps / CICD pipelines

Code curation using Terraform (GCP) and PowerShell (azure)

Building the processes and controls associated with native identity and access management processes:

User access management

Identity & access monitoring and alerting

Value Stream and Workstream onboarding

Service account lifecycle management

Integrating Public Cloud identity and access management controls and processes with LBG’s incumbent enterprise Identity tooling (Oracle Identity Manager), as well as migration to new tooling when available (Sailpoint, PING Identity), achieving integration with enterprise Identity & Access Management controls:

Joiners, Movers, Leavers

Recertification

Identity Federation and Identity Provider design

Delivery of new SaaS products (Saviynt) and integration into public cloud to deliver improved Privileged Access Management controls and colleague experience.

What’s needed to be considered for this job?

Our engineering function is split in two (Google Cloud and Azure) however there are opportunities for cross skilling across cloud platforms.

Understanding of Public Cloud platforms, including CICD pipeline technologies

Ability to code and build automation, experience in a language such as Python, PowerShell, Java/ Groovy

Proven track record of delivering technical solutions and automation of solutions at scale

Proactively seeks out opportunities and implements service improvements whilst building customer satisfaction

Understanding of the bank’s control environments and the role of compliance and security as part of technology design and implementation.

Working collaboratively across multiple labs and teams to help contribute by experimenting with new tools, methods, and approaches.

Support assessment of tools to deliver our objectives, through Proof of Concept and Pilot activities, and ensure their smooth transition into BAU

Desirable:

Experience working in an Identity & Access Management or IT Security function and relevant Security qualifications (CISA, CISM, CISMP, CISSP)

Experiencing and understanding of Microsoft Azure, Google Cloud (GCP) or AWS including security and identity capabilities and tools.

Experience working in agile sprints, understanding of Atlassian product suite (Jira and Confluence) for collaboration

Capability to identify technical risks, articulate the associated IT costs and business impacts, and propose options for resolution

Ability to operate and influence in a complex, large scale and diverse environment

Highly articulate with good verbal and written communication

Experience with data querying and analysis using languages such as SQL or KQL

Experience with Privileged Access Management methodology and technical solutions such as CyberArk, Azure PIM, Saviynt, BeyondTrust.

What you’d get in return:

Offering you both opportunity and profile – we’ll provide you with a diverse, energising and lively environment that focuses on equal opportunity and real career progression.

We’ll take your personal and professional development very seriously and enable you to make a genuine difference to millions throughout your career with us.

An opportunity to work with senior Scrum Masters. build experience and skills doing the Scrum Master role in a high profile and highly visible team delivering to the Group’s business vision!

Together we make it possible.