Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead identity technology projects and design secure, scalable platforms for a digital workplace.
- Company: Join Tesco Technology, a leader in innovative retail solutions.
- Benefits: Enjoy competitive salary, annual bonus, private medical insurance, and generous holiday allowance.
- Why this job: Make a real impact on identity technologies that enhance the colleague experience.
- Qualifications: Deep expertise in Active Directory, Azure AD, and PKI; scripting skills are a plus.
- Other info: Flexible hybrid working model with opportunities for career growth and development.
The predicted salary is between 36000 - 60000 £ per year.
Workplace Technology – Identity Systems Engineer III
(Active Directory, Entra ID, PKI, Modern Authentication)
Role Summary
This role sits within the workplace Identity team which is part of the Tesco Workplace Technology engineering team, part of a global engineering function delivering secure, scalable, and modern workplace solutions for Tesco colleagues. As a senior engineer and domain expert in Identity technologies, you will lead the full technology lifecycle — from strategy and design through to engineering, testing, and delivery — for the services that underpin our digital colleague experience.
Key Responsibilities
Strategic Leadership
- Act as a senior engineer for Identity within the Workplace Technology team, setting the direction, roadmap, and architectural standards for core identity services including Active Directory, Entra ID, PKI, and modern authentication protocols.
- Align identity strategy to Tesco’s broader digital workplace vision, collaborating closely with architects, product managers, security, and infrastructure teams.
- Stay ahead of market trends and emerging technologies in identity and access management, advocating for their adoption where beneficial.
- Design and deliver secure, scalable identity platforms that support global business needs and enable modern digital workplace capabilities.
- Engineer solutions across the identity lifecycle: concept, evaluation, prototyping, testing, production deployment, and service transition.
- Implement automation, codification (IaC), and integration with CI/CD practices to drive efficiency and resilience.
- Act as a senior escalation point for complex issues related to authentication, replication, certificate lifecycle, hybrid identity, and directory services.
Operational Excellence
- Build systems that are secure, stable, and easy to operate, with monitoring, alerting, and lifecycle planning embedded by design.
- Champion remediation of legacy identity components and uplift the security and operational posture of all identity services.
- Ensure knowledge is well documented and transitions smoothly into operational support with clear SLAs and handover practices.
Governance & Security
- Drive adoption of Zero Trust principles, secure admin tiering, modern auth standards, conditional access, and multifactor authentication.
- Own the health, design, and policy of PKI infrastructure and associated services (including certificate templates, CRLs, and HSMs).
- Work closely with the Security and Risk teams to ensure compliance with internal controls, regulatory obligations, and audit findings.
Leadership & Influence
- Represent Workplace Technology Identity Engineering across Tesco Technology and into broader cross-functional initiatives.
- Lead by example in engineering excellence, stakeholder engagement, and mentoring of less experienced engineers.
- Promote a culture of simplification, technical rigour, and continuous improvement.
Required Skills & Experience
- Deep expertise in:
- Active Directory: design, hardening, replication, domain controller lifecycle, GPOs, admin tiering.
- Azure AD / Entra ID: hybrid identity, conditional access, MFA, identity protection, SSO, SCIM.
- Public Key Infrastructure (PKI): policy, lifecycle, templates, automation, CRL/OCSP, HSMs.
- Demonstrated ability to design and deliver identity platforms in large, complex environments.
- Understanding of identity’s role in enterprise security frameworks and compliance requirements.
- Proficiency with scripting and automation tools (PowerShell, Terraform, etc.).
- Familiar with monitoring, backup, recovery, and DR practices for identity systems.
- Ensure identity services are designed with built-in resilience, supporting high availability, fault tolerance, and fast recovery across hybrid environments.
- Contribute to and maintain Business Continuity Plans (BCPs), ensuring critical identity components are documented with clear recovery priorities.
- Design and validate Disaster Recovery (DR) strategies for directory services, authentication systems, and PKI, with regular failover testing and documented RTO/RPO.
- Define and verify backup and recovery plans for identity infrastructure, including domain controllers, certificate authorities, and configuration artifacts.
- Estimate engineering effort and support the costing of identity-related projects, including resource planning, licensing, infrastructure, and delivery timelines.
- Partner with Workplace Technology leadership to shape and manage budgets, forecasts, and business cases for new identity initiatives.
Nice to Have
- Experience integrating identity across Linux, SaaS, and multi-cloud platforms.
- Understanding of M365, Microsoft ecosystem, and their dependency on robust identity infrastructure.
- Exposure to identity governance, entitlement management, and lifecycle workflows.
Complementary Skills
- Strong collaboration and influencing skills across engineering, operations, product, and security domains.
- Commercial and vendor awareness to support technology selection, licensing decisions, and cost optimisation.
- Strong written and verbal communication skills, with the ability to engage both engineers and senior stakeholders.
- A proactive, accountable, and resilient mindset — aligned to Tesco’s values and the mission of the Workplace Technology team.
#J-18808-Ljbffr
Workplace Technology - Identity - Systems Engineer III employer: Tesco Technology
Contact Detail:
Tesco Technology Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Workplace Technology - Identity - Systems Engineer III
✨Tip Number 1
Network like a pro! Reach out to current employees at Tesco or in the tech industry on LinkedIn. A friendly chat can give you insider info and maybe even a referral, which can really boost your chances.
✨Tip Number 2
Prepare for those interviews! Research common questions for Systems Engineer roles and practice your answers. Make sure you can showcase your expertise in Active Directory and Azure AD, as well as your problem-solving skills.
✨Tip Number 3
Show off your projects! If you've worked on identity technologies or automation tools, create a portfolio or a GitHub repo to demonstrate your skills. This can set you apart from other candidates.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you're genuinely interested in joining the Tesco team.
We think you need these skills to ace Workplace Technology - Identity - Systems Engineer III
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience with identity technologies like Active Directory and Azure AD. We want to see how your skills align with the role, so don’t hold back on showcasing your expertise!
Showcase Your Achievements: When detailing your past roles, focus on specific projects where you’ve led identity solutions or improved security measures. We love seeing quantifiable results, so if you can, include metrics that demonstrate your impact.
Be Clear and Concise: Keep your application straightforward and to the point. Use clear language and avoid jargon unless it’s relevant to the role. We appreciate a well-structured application that’s easy to read and understand.
Apply Through Our Website: We encourage you to submit your application directly through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it’s super easy to do!
How to prepare for a job interview at Tesco Technology
✨Know Your Identity Tech Inside Out
Make sure you brush up on your knowledge of Active Directory, Azure AD, and PKI. Be ready to discuss how you've designed and delivered identity platforms in complex environments. This will show that you're not just familiar with the tech but can also lead projects effectively.
✨Showcase Your Strategic Thinking
Prepare to talk about how you align identity strategies with broader business goals. Think of examples where you've set direction or influenced architectural standards. This will demonstrate your ability to think beyond the technical details and contribute to the company's vision.
✨Demonstrate Operational Excellence
Be ready to discuss how you've built secure and stable systems in the past. Highlight your experience with monitoring, alerting, and lifecycle planning. This will show that you understand the importance of operational efficiency and resilience in identity services.
✨Communicate Like a Pro
Practice explaining complex concepts in simple terms. You'll need to engage with both technical teams and senior stakeholders, so being able to communicate clearly is key. Prepare some examples of how you've successfully collaborated across different teams in previous roles.
