Directory Services Security Engineer

About the position

The Directory Services Security Engineer will be responsible for managing and supporting activities related to Active Directory security services, including Group Policies (GPO), Domain Name Services (DNS), and multiple Quest products, such as Change Auditor and Recovery Manager. In this role, you will be responsible for architecting, engineering and deployment of security solutions to solve complex challenges in our directory services and IAM environments. The Directory Services Security Engineer will be for responsible for identifying opportunities to strengthen security, drive automation and promote being well managed. Other responsibilities this role includes, addressing security findings, analyzing large data sets in SIEM products such as Splunk and Snowflake or similar, and building reports in tools such as Enterprise Reporter. This role will provide you with an opportunity to help shape the direction of identity and directory security for AIG.

Responsibilities

• Coordinate and/or implement new or enhanced security products and toolsets on supported platforms
• Participate in governance, audit and compliance support activities, as they pertain to identity and access management security
• Identify, define and implement continuous process improvements utilizing modern tools, technologies, and methodologies
• Architect, engineer, and deploy large-scale security initiatives in Active Directory / Entra ID including domain and application migrations between platforms
• Participate in implementation of large-scale security initiatives for new technologies being deployed globally
• Conduct regular configuration and security assessments of Active Directory and Azure and provide recommendations for changes based on industry standards and security guidelines utilizing tools such as, Microsoft On-demand Assessment, Bloodhound, Purple Knight, etc.
• Monitor AD logs to identify any potential security incidents, respond to security findings, and develop and maintain incident response procedures
• Support large-scale Active Directory domain consolidations and domain migration activities with a security-based approach
• Perform health checks, discoveries and cleanup of Active Directory and Entra ID Infrastructure
• Analyze, review and manage Active Directory services such as DNS, Group Policy etc.
• Document platform technical issues, analysis, communications, and resolutions as reference for future issue resolution in SharePoint, Confluence, ServiceNow or similar medium.
• Develop documentation such as, knowledge articles, How-to documents, and presentations for large audiences.
• Provide technical assistance, support and troubleshooting for IAM-related issues.
• Support team during incident management, problem management and disaster recovery activities

Requirements

• 5+ years of Active Directory/Entra ID hands-on technical experience in an enterprise
• 4+ years supporting and implementing Active Directory security related products, such as Quest Change Auditor, Enterprise Reporter and Recovery Manager, or similar
• 4+ years of hands-on technical experience Identity and Access Management (IAM) on Active Directory.
• 3+ years of hands-on technical experience with tools
• 3+ years writing code, including scripts in languages such as PowerShell, Python, .NET, etc
• 2+ years performing, AD Domain Clean ups, Domain and Forest Recovery activities, management of DNS, group policy objects, gMSA and security groups
• Basic knowledge of databases (SQL, Oracle) and scripting languages (e.g., PowerShell, JavaScript)
• Problem-solving mindset with a focus on delivering secure solution.
• Self-starter who is proactive, motivated, and resourceful, takes ownership of their work, embraces challenges, and consistently strives for excellence.
• Ability to think strategically and drive business outcomes.
• Excellent written and verbal communication skills demonstrated by cross-functional team engagement, electronic communication, and program/process documentation
• Commitment to continuous learning and professional development around cloud technologies, automation, and AI

Nice-to-haves

• Technical hands-on experience in the following: Microsoft IAM, Oracle IAM, SailPoint IAM, IdP, AD, LDAP, Saviynt, RSA, Single Sign-On, OAuth, SAML, DNS, Google Cloud Platform, and Azure
• 3+ years working with SIEM solutions and hands-on usage of products such as, Splunk and Snowflake
• 2+ years in developing solutions for automation via scripts or tools such as Ansible, Puppet, SCCM, etc.
• 1+ years leading large projects from beginning to end in an enterprise, spanning multiple businesses and regions globally

Benefits

• Base salary range of $108,000-$135,000
• Eligible for a bonus in accordance with the terms of the applicable incentive plan
• Comprehensive benefits package focused on health, wellbeing, and financial security
• Professional development opportunities