Linux Identity Engineer

Total remuneration: £58,281-£68,621

Pay Supplement: The base salary for this role is £50,243-£59,156. This job qualifies for Digital, Data and Technology Annual Pay supplement 16% is included in the total remuneration above.

Pension: 28.97% (RoS contribution)

Annual leave: 38 days annual holiday, increasing to 42 days with length of service.

Duration: Permanent

Working Pattern: 35 hours per week. We are a flexible employer and will consider a variety of working patterns on a case-by-case basis.

Location: Hybrid working model. Contractual base either at Meadowbank House, Edinburgh (EH8 7AU), or St Vincent Plaza, Glasgow (G2 5LD). You will be expected to attend one of these locations as required by the role.

Department: Cyber Security

Directorate: Digital, Data and Technology

Grade: Senior Executive Officer

Closing date: 14 June at 11.59pm

Number of vacancies: 1

Join an award-winning organisation recognised for its technology and innovation. Registers of Scotland is a world-leading pioneer in land and property registration. Our full-stack teams design, architect, and build all our registration products in-house. We work to create digital solutions for the people of Scotland. You will get an opportunity to nurture your creativity and develop with us through access to the latest data, software engineering and product delivery techniques.

This job is for you if you want…

• Work with purpose: working for the people of Scotland to set the bar for land and property registration worldwide.
• Flexible and hybrid working: depending on the role and team requirements, work when and where it’s best for you and your stakeholders.
• Benefits: enjoy pay progression, pension contributions of up to 28.97%, up to a year’s parental leave, and 38 days annual holiday, increasing to 42 days with length of service.
• Investment in professional development: we invest in all our people so that they have the right skills to be productive and confident in their job.
• Diversity and Inclusion: We are an ‘Investor in People’ and a ‘Disability Confident’ employer. We are inclusive, stronger together, and committed to putting our people first.
• Positive work culture: RoS is an agile, digital organisation using leading-edge technology. Colleagues understand their role in achieving our strategy and have the autonomy to deliver.

The Role

We’re looking for a Senior Linux Identity Engineer to join our Cyber Security team at Registers of Scotland, playing a critical role in securing and modernising our technology estate. In this position, you’ll be the subject matter expert for Linux identity and access management, shaping how we design and deliver secure authentication and privileged access across our estate. You’ll be at the forefront of strengthening least-privilege access, embedding security controls, and driving automation and consistency as we expand our cloud capabilities.

Working across cyber security, identity engineering, infrastructure, and cloud teams, you’ll act as a trusted technical authority, helping to ensure our platforms are resilient, scalable, and secure. The role offers the opportunity to influence key decisions, contribute to major transformation initiatives, and play a vital part in protecting critical national services.

We’re looking for someone who combines deep technical expertise with strong collaboration skills, someone who can confidently engage with both technical and non-technical stakeholders, particularly in high-impact situations such as incidents and major changes.

On a typical day you will…

• Design, deploy, and manage Linux identity and authentication services across RHEL and Ubuntu estates, including Red Hat Identity Management (IdM).
• Lead the implementation and continuous improvement of Privileged Access Management (PAM) controls for Unix/Linux systems, including policy enforcement, just-in-time access, and least-privilege models.
• Deploy and integrate security controls to support vulnerability and threat management tooling within the Linux estate.
• Develop and maintain a standardised role-based access control (RBAC) approach for Linux systems.
• Support the design and delivery of secure, automated builds for RHEL 8 & 9.
• Develop and maintain automation using Python and shell scripting to support identity, access, and security operations.
• Create and maintain documentation, including architecture diagrams, operating procedures, and technical standards.
• Act as a senior technical escalation point for Linux identity and access-related incidents and complex issues.
• Collaborate with cross-functional teams to integrate Linux identity services with enterprise identity platforms, cloud services, and security tooling.
• Contribute to continuous improvement of disaster recovery readiness, supporting recovery time objectives of 2 hours and recovery point objectives of zero.
• Provide mentorship and technical guidance to junior engineers and colleagues across the wider cyber and infrastructure teams.

Key Responsibilities

Essential Criteria – Skills and Attributes for Success

Experience/Technical:

• Significant commercial experience in a senior Linux / Unix engineering or identity-focused role.
• Strong hands-on experience with RHEL 6/7/8/9 system administration.
• Experience implementing and managing Red Hat Identity Management (IdM).
• Strong automation and scripting capability using Python and shell scripting.
• Proven experience applying principles of least privilege, just-in-time access, and privileged access controls.
• Experience integrating Linux systems with enterprise identity, PAM, and security platforms.
• Solid understanding of networking fundamentals, including TCP/IP, DNS, and authentication flows.
• Strong documentation skills and experience producing maintainable, supportable designs.
• Excellent communication skills, with the ability to explain complex technical concepts to non-technical audiences.
• Experience managing and implementing Privileged Access Management solutions, role-based access control, least privileged, and just-in-time controls.
• Experience with directory / identity service integration with custom applications and 3rd party identity providers.
• Strong analytical and problem-solving skills, with a keen attention to detail and the ability to prioritise and manage multiple tasks simultaneously.
• Excellent communication skills and experience of communicating effectively to different audiences, including senior management, with the ability to describe technical issues in a non-technical manner.

Behaviours

At application stage, you will be scored against the bolded Behaviours and against all Behaviours for the assessment:

• Analysis and making effective decisions
• Delivering a quality service
• Collaborating and partnering / building capabilities for all

Stage one - Application Process

To apply, click on 'Apply now' and complete the online application form. You will need to submit:

• A CV outlining your career history and how you meet the technical/experience criteria (max 4 pages).
• Responses explaining how you meet the required Making Effective Decisions and Delivering a Quality Service behaviours of the role (maximum 300 words per answer in the spaces provided).

Please note:

• If we receive a high volume of applications, we may complete an initial sift on technical/experience criteria.
• We reserve the right to invite candidates to participate in a telephone interview prior to being further assessed.
• Applications that are not accompanied by CVs or responses exceeding 300 words per behaviour will not be considered.
• We would strongly recommend that your statement is written in the STAR format (Situation, Task, Action & Result) and preparing your answers using software such as MS Word or Google Docs, and then uploading the file.
• We strongly advise you review our policy on responsible use of AI in the application process. RoS may check answers with an AI detection tool and will contact you for a pre-screening call to verify your responses.

Applications and appointments are subject to a strict merit-based assessment process, in line with the Civil Service Recruitment Principles.

Stage two – assessment

If successful at application stage, you will be invited to an in-person interview which will include the following:

• Technical Exercise – an exercise will be shared in advance for completion prior to the interview via the Hackerrank Platform. Candidates will attend a technical discussion on the day to explore their approach and rationale.
• Behaviour based interview

Campaign Schedule:

• Vacancy Closes: 14 June, 11.59pm
• Sift: 15-17 June
• Invite to interview: 18 June
• Interview: 24-25 June (Dates subject to change)

Information on Success Profiles

For further information on success profiles, visit our Success Profiles.

Feedback

Feedback will only be provided if you progress to interview stage.

Reserve List

In the event that further posts are required, a reserve list of successful candidates will be kept for up to 12 months.

Nationality and immigration status

In general, only nationals from the following countries (and associations of countries) are eligible for employment in the Civil Service: the United Kingdom, the Republic of Ireland, and the Commonwealth. EU nationals (with settled or pre-settled status), certain EEA nationals, Swiss and Turkish nationals are also eligible for employment.

Security

Successful candidates must undergo a Level 1 Disclosure check. Individuals working with government assets must complete baseline personnel security standard checks.

Equality, diversity and inclusion

As a proud member of the Disability Confident Scheme, we welcome applications from disabled candidates. We’re not as diverse as we’d like yet, and we’re working on it. We especially welcome applications from underrepresented groups – people who are disabled, minoritised ethnic groups, and younger people (16-24 years of age).

DDaT supplement

This post is part of the Digital, Data and Technology profession (DDAT) and attracts a pay supplement. The DDaT allowance is applied to the role and not you as an individual.

Further information

For further information relating to RoS, including additional details on pay & benefits, the Civil Service Code, complaints process, and use of AI in the application/recruitment process, please view our additional information page online.

If you have any questions, please contact talent@ros.gov.uk