Identity Platform Owner

Overview

We’re Kingfisher, A team made up of over 74,000 passionate people who bring Kingfisher - and all our other brands: B&Q, Screwfix, Brico Depot, Castorama and Koctas to life. Guided by our purpose Better Homes. Better Lives. For Everyone. We believe a better world starts with better homes, and we work every day to make that a reality. Join us and help shape the future of home improvement.

We have an opportunity for an Identity Platform Engineering Owner to join us, to provide senior technical leadership and product ownership of Kingfisher’s core identity platforms (specifically Cloud Identity, Directory Infrastructure and PKI & Machine Identity), ensuring they are secure, resilient and fit for the future. This role shapes and delivers the technical strategy and roadmap that enables safe access to systems and services, supporting a Zero Trust, cloud‑first environment.

We are open to basing the role out of any of our UK office locations in Paddington, Southampton or Yeovil, with an expectation of 12 days a month in the office. Due to the wider team and stakeholders the role supports mostly being based out of Southampton, we would expect travel to this site on a weekly basis.

What’s the job?

• Own and continuously evolve the technical roadmap for cloud identity, directory infrastructure and PKI / machine identity platforms, ensuring alignment with security and cloud‑first principles.
• Act as the senior technical authority for identity platform design, providing clear architectural direction and leadership on complex technical decisions.
• Ensure the security, resilience, performance and availability of Active Directory, Microsoft Entra ID and hybrid identity services.
• Govern identity security controls, including Conditional Access, MFA and passwordless authentication, federation technologies and directory access models.
• Lead modernisation initiatives that improve automation, simplify platforms and support the structured decommissioning of legacy identity services.
• Oversee PKI governance, certificate lifecycle management and machine and workload identity services, setting clear operational standards.
• Use service metrics, operational insight, audit findings and incident learnings to drive continuous improvement across identity platforms.

What you’ll bring

• Strong hands‑on experience with Active Directory, Microsoft Entra ID and hybrid identity environments.
• Proven experience designing, implementing and governing Conditional Access, MFA and passwordless authentication, and federation technologies (OIDC/SAML).
• Practical knowledge of PKI, ADCS, certificate lifecycle management and machine or workload identities.
• Deep understanding of identity security controls, including privileged access management and administrative hardening.
• Ability to provide senior technical leadership, influencing both technical and non‑technical stakeholders and clearly explaining risk and impact.

How We Work We believe in flexibility and balance. Our hybrid model blends home working for focus with time spent connecting and collaborating - whether in our offices or at offsite locations. On average, around 60% of your time will involve in-person collaboration.

We value the perspectives new team members bring and encourage you to apply - even if you don’t meet 100% of the requirements.

What We Offer An inclusive environment where your potential is limited only by your imagination. We encourage new ideas, support experimentation, and strive to create a workplace where everyone can be their best self. Find out more about Diversity & Inclusion at Kingfisher here.

We also offer a competitive benefits package and plenty of opportunities to stretch and grow your career. Scroll down below to find out more about our benefits.

Diversity & Inclusion Our customers come from all walks of life - and so do we. We’re committed to ensuring all colleagues, future colleagues, and applicants are treated equally, regardless of age, gender, marital or civil partnership status, ethnicity, culture, religion, belief, political opinion, disability, gender identity, gender expression, or sexual orientation.

Interested? Great, apply now and help us to Power the Possible.

#LI-KO1

Key responsibilities

• Own and continuously evolve the technical roadmap for cloud identity, directory infrastructure and PKI / machine identity platforms, ensuring alignment with security and cloud-first principles.
• Act as the senior technical authority for identity platform design, providing clear architectural direction and leadership on complex technical decisions.
• Lead modernisation initiatives that improve automation, simplify platforms and support the structured decommissioning of legacy identity services.