Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead the design and delivery of secure identity solutions for Tesco's digital workplace.
- Company: Join Tesco, a leading retailer with a commitment to innovation and inclusivity.
- Benefits: Enjoy competitive pay, generous holiday, private healthcare, and a supportive work environment.
- Why this job: Make a real impact on identity technology while working in a hybrid, collaborative setting.
- Qualifications: Expertise in Active Directory, Azure AD, PKI, and automation tools required.
- Other info: Be part of a diverse team that values your unique contributions and growth.
The predicted salary is between 36000 - 60000 ÂŁ per year.
This role sits within the workplace Identity team which is part of the Tesco Workplace Technology engineering team, part of a global engineering function delivering secure, scalable, and modern workplace solutions for Tesco colleagues. As a senior engineer and domain expert in Identity technologies, you will lead the full technology lifecycle - from strategy and design through to engineering, testing, and delivery - for the services that underpin our digital colleague experience.
What is in it for you
- Annual bonus scheme of up to 20% of base salary
- Holiday starting at 25 days plus a personal day (plus Bank holidays)
- Private medical insurance
- 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 4 weeks fully paid paternity leave
- Free 24/7 virtual GP service, Employee Assistance Programme (EAP) for you and your family, free access to a range of experts to support your mental wellbeing
You will be responsible for
- Strategic Leadership
- Act as a senior engineer for Identity within the Workplace Technology team, setting the direction, roadmap, and architectural standards for core identity services including Active Directory, Entra ID, PKI, and modern authentication protocols.
- Align identity strategy to Tesco's broader digital workplace vision, collaborating closely with architects, product managers, security, and infrastructure teams.
- Stay ahead of market trends and emerging technologies in identity and access management, advocating for their adoption where beneficial.
- Engineering & Delivery
- Design and deliver secure, scalable identity platforms that support global business needs and enable modern digital workplace capabilities.
- Engineer solutions across the identity lifecycle: concept, evaluation, prototyping, testing, production deployment, and service transition.
- Implement automation, codification (IaC), and integration with CI/CD practices to drive efficiency and resilience.
- Act as a senior escalation point for complex issues related to authentication, replication, certificate lifecycle, hybrid identity, and directory services.
- Operational Excellence
- Build systems that are secure, stable, and easy to operate, with monitoring, alerting, and lifecycle planning embedded by design.
- Champion remediation of legacy identity components and uplift the security and operational posture of all identity services.
- Ensure knowledge is well documented and transitions smoothly into operational support with clear SLAs and handover practices.
- Governance & Security
- Drive adoption of Zero Trust principles, secure admin tiering, modern auth standards, conditional access, and multifactor authentication.
- Own the health, design, and policy of PKI infrastructure and associated services (including certificate templates, CRLs, and HSMs).
- Work closely with the Security and Risk teams to ensure compliance with internal controls, regulatory obligations, and audit findings.
- Leadership & Influence
- Represent Workplace Technology Identity Engineering across Tesco Technology and into broader crossâfunctional initiatives.
- Lead by example in engineering excellence, stakeholder engagement, and mentoring of less experienced engineers.
- Promote a culture of simplification, technical rigour, and continuous improvement.
You will need
- Deep expertise in:
- Active Directory: design, hardening, replication, domain controller lifecycle, GPOs, admin tiering.
- Azure AD / Entra ID: hybrid identity, conditional access, MFA, identity protection, SSO, SCIM.
- Public Key Infrastructure (PKI): policy, lifecycle, templates, automation, CRL/OCSP, HSMs.
- Authentication protocols: OAuth2, OpenID Connect, SAML, Kerberos, NTLM, WSâFed.
About us
Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet.
We are proud to have an inclusive culture at Tesco where everyone truly feels able to be themselves. At Tesco, we not only celebrate diversity, but recognise the value and opportunity it brings. We're committed to creating a workplace where differences are valued, and make sure that all colleagues are given the same opportunities. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process.
We're a big business and we can offer a range of diverse fullâtime & partâtime working patterns across many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
Workplace Technology - Systems Engineer III - Identity (Active Directory, Entra ID, PKI, Modern[...] in Welwyn Garden City employer: Tesco - Corporate
Contact Detail:
Tesco - Corporate Recruiting Team
StudySmarter Expert Advice đ¤Ť
We think this is how you could land Workplace Technology - Systems Engineer III - Identity (Active Directory, Entra ID, PKI, Modern[...] in Welwyn Garden City
â¨Tip Number 1
Network like a pro! Reach out to current or former employees at Tesco through LinkedIn. A friendly chat can give you insider info and maybe even a referral, which can really boost your chances.
â¨Tip Number 2
Prepare for the interview by diving deep into Tesco's workplace technology. Familiarise yourself with their identity solutions and think about how your skills in Active Directory and PKI can add value. Show them youâre not just a fit, but the perfect fit!
â¨Tip Number 3
Practice makes perfect! Get a mate to do mock interviews with you. Focus on articulating your experience with identity technologies and how youâve tackled challenges in past roles. Confidence is key!
â¨Tip Number 4
Donât forget to apply through our website! Itâs the best way to ensure your application gets seen. Plus, it shows youâre serious about joining the Tesco team. Letâs get you that job!
We think you need these skills to ace Workplace Technology - Systems Engineer III - Identity (Active Directory, Entra ID, PKI, Modern[...] in Welwyn Garden City
Some tips for your application đŤĄ
Tailor Your Application: Make sure to customise your CV and cover letter for the role. Highlight your experience with Active Directory, Entra ID, and PKI, as these are key areas for us at Tesco. Show how your skills align with our vision of delivering secure and scalable workplace solutions.
Showcase Your Expertise: Donât hold back on showcasing your deep expertise in identity technologies. We want to see your knowledge of authentication protocols and your ability to design and deliver identity platforms in complex environments. Be specific about your achievements!
Be Clear and Concise: When writing your application, keep it clear and to the point. Use bullet points where possible to make it easy for us to read. We appreciate straightforward communication, so avoid jargon unless it's relevant to the role.
Apply Through Our Website: We encourage you to apply directly through our website. Itâs the best way for us to receive your application and ensures youâre considered for the role. Plus, youâll find all the details you need about the position there!
How to prepare for a job interview at Tesco - Corporate
â¨Know Your Identity Tech Inside Out
Make sure you brush up on your knowledge of Active Directory, Entra ID, and PKI. Be ready to discuss how you've designed and delivered identity platforms in complex environments. This will show that you're not just familiar with the tech, but that you can lead the charge in implementing it.
â¨Showcase Your Strategic Thinking
Prepare to talk about how you align identity strategies with broader digital workplace visions. Think of examples where you've collaborated with architects and product managers to drive successful outcomes. This will demonstrate your ability to think strategically and work cross-functionally.
â¨Demonstrate Your Problem-Solving Skills
Be ready to discuss complex issues you've faced related to authentication or hybrid identity. Share specific examples of how you approached these challenges and what solutions you implemented. This will highlight your expertise and your ability to handle pressure.
â¨Emphasise Continuous Improvement
Talk about how you've championed automation and integration in your previous roles. Discuss any initiatives you've led to uplift security and operational posture. This shows that you're not just about maintaining the status quo, but are committed to driving efficiency and innovation.