Workplace Technology - Systems Engineer III - Identity; Active Directory, Entra, PKI, Modern
Listed on 2026-02-18
Engineering
Systems Engineer, Cybersecurity
Tesco UK
• Welwyn Garden City
• Hybrid
• Full-Time
• Working hours 36
• Apply by 31-Mar-2026
This role sits within the Workplace Identity team, which is part of the Tesco Workplace Technology engineering team, part of a global engineering function delivering secure, scalable, and modern workplace solutions for Tesco colleagues. As a senior engineer and domain expert in Identity technologies, you will lead the full technology lifecycle - from strategy and design through to engineering, testing, and delivery - for the services that underpin our digital colleague experience.
We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work.
- Annual bonus scheme of up to 20% of base salary
- Holiday starting at 25 days plus a personal day (plus Bank holidays)
- Private medical insurance
- 26 weeks maternity and adoption leave (after 1 year's service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay; we also offer 4 weeks fully paid paternity leave
- Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
You will be responsible for
Strategic Leadership
- Act as a senior engineer for Identity within the Workplace Technology team, setting the direction, roadmap, and architectural standards for core identity services including Active Directory, Entra, PKI, and modern authentication protocols.
- Align identity strategy to Tesco's broader digital workplace vision, collaborating closely with architects, product managers, security, and infrastructure teams.
- Stay ahead of market trends and emerging technologies in identity and access management, advocating for their adoption where beneficial.
- Design and deliver secure, scalable identity platforms that support global business needs and enable modern digital workplace capabilities.
- Engineer solutions across the identity lifecycle: concept, evaluation, prototyping, testing, production deployment, and service transition.
- Implement automation, codification (IaC), and integration with CI/CD practices to drive efficiency and resilience.
- Act as a senior escalation point for complex issues related to authentication, replication, certificate lifecycle, hybrid identity, and directory services.
- Build systems that are secure, stable, and easy to operate, with monitoring, alerting, and lifecycle planning embedded by design.
- Champion remediation of legacy identity components and uplift the security and operational posture of all identity services.
- Ensure knowledge is well documented and transitions smoothly into operational support with clear SLAs and handover practices.
- Drive adoption of Zero Trust principles, secure admin tiering, modern auth standards, conditional access, and multifactor authentication.
- Own the health, design, and policy of PKI infrastructure and associated services (including certificate templates, CRLs, and HSMs).
- Work closely with the Security and Risk teams to ensure compliance with internal controls, regulatory obligations, and audit findings.
- Represent Workplace Technology Identity Engineering across Tesco Technology and into broader cross‑functional initiatives.
- Lead by example in engineering excellence, stakeholder engagement, and mentoring of less experienced engineers.
- Promote a culture of simplification, technical rigour, and continuous improvement.
- Deep expertise in:
  - Active Directory: design, hardening, replication, domain controller lifecycle, GPOs, admin tiering.
  - Azure AD / Entra: hybrid identity, conditional access, MFA, identity protection, SSO, SCIM.
  - Public Key Infrastructure (PKI): policy, lifecycle, templates, automation, CRL/OCSP, HSMs.
  - Authentication protocols: OAuth2, OpenID Connect, SAML, Kerberos, NTLM, WS‑Fed.
- Demonstrated ability to design and deliver identity platforms in large, complex environments.
- Understanding of identity's role in enterprise security frameworks and compliance requirements.
- Proficiency with…