Active Directory Engineer

About The Position

Requirements

• At least 5-10 years of dedicated Active Directory engineering and architecture experience that includes designing, implementing and maintaining complex enterprise level (50K+ objects) Active Directory solutions and security models
• 3-5 years of Powershell Scripting with the ability to write scripts from scratch
• Overarching broad and deep technical experience with Active Directory Security
• Extensive experience and advanced knowledge implementing Windows security concepts and policies, least-privilege design principles
• Extensive knowledge of AD Security best-practices, latest security threats/trends and mitigation thereof
• Experience with best practices for Active Directory disaster recovery, object management, security models and trust creation
• Granular ACE permissions models meeting functional and technical requirements
• Deep, in-depth working knowledge of Kerberos and NTLM authentication, MFA, SSO and federation technologies
• Extensive and deep knowledge of Group Policy Objects (GPOs), engineering, implementing and 3rd party management solutions thereof
• Strong knowledge of LDAP and ability to comfortably construct queries
• Working knowledge of Certificate/CA/PKI infrastructure
• Excellent communication skills, including proven experience effectively communicating technical challenges and solutions to peers, customers and management

Nice To Haves

• Experience with Microsoft’s Enhanced Security Architecture Environment (ESAE) - “Red/Bastion/Admin” forest design; including JIT (just in time) JEA (just enough administration) concepts; Microsoft PAM (Privileged Access Manager)
• Experience engineering password vaulting solutions (CyberArk, Lieberman, Thycotic, etc.)
• PowerShell scripting experience and capabilities
• MS SQL/DB knowledge
• Microsoft or 3rd party management and monitoring solutions (SCCM, SCOM, VCM, NetIQ GPDH/GPA)
• Unix/Linux skills; Vintela VAS integration; RedHat IdM

Responsibilities

• Analyzing Active Directory hundreds of group policies and making decisions on how to eliminate or streamline these policies trough automation via PowerShell scripting.
• Working within the engineering organization.
• Writing PowerShell scripts from scratch.
• Interacting with peer teams and partner groups.
• Scaling and deploying improvement, consolidation and migration efforts within the enterprise.
• Operating and functioning well in a multi-cultural, geographically dispersed virtual team environment.

Benefits

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)