At a Glance
- Tasks: Design and implement cutting-edge identity management solutions for a sovereign cloud platform.
- Company: Join Era4, a mission-driven start-up transforming AI infrastructure with renewable energy.
- Benefits: Competitive pay, flexible work options, and opportunities for personal growth.
- Why this job: Make a real impact in a dynamic environment focused on innovation and sustainability.
- Qualifications: Experience in Kubernetes, IAM solutions, and a passion for security and governance.
The predicted salary is between 60000 - 75000 £ per year.
Era4 develops, owns and operates AI infrastructure across the UK, powered by renewable energy. Converting legacy industrial and energy sites into modern data‐centre facilities, Era4 is combining brownfield regeneration opportunities with cleaner, efficient, scalable compute capacity for healthcare, research, finance, enterprise, and public‐sector organisations.
Initial 3 month contract.
Role Summary
The Identity & Platform Engineer is responsible for designing, implementing and operating the core platform services that provide:
- Sovereign identity management
- Federation and authentication services
- Privileged access management
- Secrets management
- Customer identity integration
- Platform security and governance
The successful candidate will play a key role in delivering a Zero Trust, sovereign cloud platform built around: FreeIPA, Teleport, authentik, Bitwarden, Kubernetes.
Key Responsibilities
- Identity & Access Management Engineering
- Design, implement and operate the sovereign identity platform supporting workforce, administrative and customer identity domains.
- Implement and maintain FreeIPA as the authoritative administrative identity platform.
- Deploy, configure and operate authentik for customer federation, SAML and OIDC integration.
- Implement and maintain Teleport as the privileged access management platform.
- Design and maintain RBAC models across Kubernetes, Rafay and supporting platform services.
- Integrate phishing-resistant MFA technologies including WebAuthn and FIDO2 security keys.
- Implement identity lifecycle management processes including onboarding, access reviews and deprovisioning.
- Support customer identity federation onboarding and integration activities.
- Contribute to the ongoing evolution of the platform's Zero Trust architecture.
- Security, Governance & Zero Trust
- Implement Zero Trust security controls across platform services.
- Design and maintain Kubernetes RBAC and tenant isolation controls.
- Implement privileged access governance using Teleport.
- Maintain audit logging, compliance evidence collection and security monitoring capabilities.
- Support security reviews, threat modelling and risk assessments.
- Implement security hardening standards across Kubernetes, Linux and supporting infrastructure.
- Participate in security incident response and root cause analysis activities.
- Maintain compliance with security and governance requirements.
- Secrets & Certificate Management
- Operate Bitwarden and Bitwarden Secrets Manager platforms.
- Manage operational credentials, API keys and automation secrets.
- Implement secure secret distribution patterns for platform and application workloads.
- Support certificate lifecycle management and PKI integration.
- Maintain operational processes for break‐glass credential governance and recovery.
Required Experience & Skills
- Hands‐on experience operating production Kubernetes environments.
- Solid Linux systems administration and troubleshooting experience.
- Knowledge designing and operating Identity and Access Management (IAM) solutions.
- Experience with LDAP, Kerberos, SAML and OpenID Connect (OIDC).
- Previous experience implementing authentication, federation and RBAC solutions.
- Skilled in operating infrastructure and platform security services.
- Experience with Infrastructure as Code and automation tooling.
- Knowledge implementing monitoring, logging and observability solutions.
- Solid understanding of Zero Trust security principles.
- Experience with GitOps practices and cloud‐native operational models.
- Proven incident management and root cause analysis experience.
One or more would be an advantage
- Prior experience with FreeIPA or enterprise directory services.
- Experience with authentik, Keycloak or similar federation platforms.
- Knowledge with Teleport, CyberArk or other privileged access management technologies.
- Experience with Bitwarden, Vault or secrets management platforms.
- Knowledge operating GPU‐enabled Kubernetes environments.
- Previously supported AI, HPC or large‐scale compute platforms.
- Experience implementing PKI and certificate management solutions.
- Kubernetes multi‐tenancy and platform security experience.
- Sovereign, regulated or highly secure environments exposure.
- Familiarity with SOC2, ISO27001, NCSC or equivalent security frameworks.
- Background in Platform Engineering, DevOps or Site Reliability Engineering.
Why Join Era4
You'll be joining a mission‐driven start‐up building critical national infrastructure, where operational excellence directly enables growth. This role offers high visibility with leadership, real autonomy, and the chance to shape how a next‐generation company operates at scale.
Diversity & Inclusion
Era4 is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
United Kingdom (Occasional office visit may be required)
Identity & Platform Engineer - (Contract) in London employer: Carbon3ai Limited.
Era4 is an exceptional employer, offering a unique opportunity to work at the forefront of AI infrastructure development in the UK. With a strong commitment to renewable energy and brownfield regeneration, employees can expect a dynamic work culture that fosters innovation and collaboration. The company prioritises diversity and inclusion, providing ample opportunities for professional growth and the chance to make a meaningful impact in a mission-driven environment.
StudySmarter Expert Advice🤫
We think this is how you could land Identity & Platform Engineer - (Contract) in London
✨Get Engaged in Cybersecurity Communities
Dive into online forums or local meetups, like OWASP events or Cybersecurity conferences. These spaces are packed with pros who can share insights and might even know about temporary roles at places like Carbon3ai Limited..
✨Showcase Your Skills Publicly
Link your GitHub or create a series of blogs sharing your knowledge on cybersecurity topics. It’s a great way to demonstrate your expertise and attract attention from hiring managers, especially when they see your passion in action.
✨Stay On Top of Temp Opportunities
Keep an eye on platforms that list temporary positions specifically in tech. Websites focusing on contract roles in cybersecurity can lead straight to employers like Carbon3ai Limited..
✨Make Contact with Recruiters Specialising in Cybersecurity
Reach out to recruitment agencies that focus on cybersecurity roles. They often have insights into temporary roles before they’re advertised and can put your name forward to companies like Carbon3ai Limited..
We think you need these skills to ace Identity & Platform Engineer - (Contract) in London
Some tips for your application 🫡
Show Off Your Technical Skills:In cybersecurity, it's vital to highlight your skills with relevant tools and technologies. Make sure your CV showcases your experience with firewalls, intrusion detection systems, and any cybersecurity frameworks you've worked with. This gives Carbon3ai Limited. a clear view of your capabilities right off the bat.
Certifications Matter:If you’ve got any cybersecurity certifications, like CompTIA Security+ or CISSP, flaunt them! These not only validate your skills but also show that you’re committed to the field. Add a section to your CV specifically for this, because in a temporary role like this, those credentials can really set you apart.
Tailor Your Cover Letter to the Role:For a temporary position, we want to see your willingness to learn and adapt quickly. Make your cover letter specific to the role at Carbon3ai Limited.; mention why you’re excited about the opportunity and how it fits your career goals. A personal touch can make a big difference!
Don’t Forget the Soft Skills:In cybersecurity, technical skills are crucial, but so are soft skills like teamwork and communication. Make sure to weave examples of how you've collaborated with teams or communicated complex ideas into your application. This shows that you're not just a tech whizz but also a great team player, perfect for a temporary role at Carbon3ai Limited..
How to prepare for a job interview at Carbon3ai Limited.
✨Brush Up on Technical Skills
Make sure you’re familiar with the latest cybersecurity tools and techniques, like firewalls, intrusion detection systems, and malware analysis. During the interview with Carbon3ai Limited. for the Identity & Platform Engineer - (Contract), be prepared to discuss specific scenarios where you tackled security threats or vulnerabilities.
✨Show Your Problem-Solving Prowess
Cybersecurity is all about thinking on your feet. Expect technical questions that require you to demonstrate your problem-solving abilities. You might be presented with a mock security breach scenario, so practising your responses to potential threats can be a game changer!
✨Demonstrate Your Adaptability
As this is a temporary role, showing that you're adaptable and quick to learn is crucial. Talk about times you've picked up new skills or reacted to changing situations quickly. Employers want to know you can hit the ground running and keep things secure during your short stay at Carbon3ai Limited..
✨Bring Relevant Certifications
If you have any relevant cybersecurity certifications, like CompTIA Security+ or CEH, be sure to mention them. This can really help you stand out during a temporary hiring process, as it showcases your commitment to the field and your readiness to take on the Identity & Platform Engineer - (Contract) role at Carbon3ai Limited..