diff --git a/playbooks/roles/cit_user/tasks/main.yaml b/playbooks/roles/cit_user/tasks/main.yaml
new file mode 100644
index 0000000..6206996
--- /dev/null
+++ b/playbooks/roles/cit_user/tasks/main.yaml
@@ -0,0 +1,18 @@
+- name: Ensure cit user
+  ansible.builtin.user:
+    name: cit
+    create_home: true
+    shell: /bin/bash
+    password: '!'
+    state: present
+  become: true
+
+- name: Ensure cit user has root privileges
+  community.general.sudoers:
+    name: cit root privileges
+    user: cit
+    commands: ALL
+    host: ALL
+    nopassword: true
+    validation: required
+    state: present