Identity and Security Administrator

About The Position

Requirements

• Strong expertise in AD DS, Microsoft Entra Suite, DFS, ADFS, ADCS, and LDAP
• In-depth knowledge in identity and access management and role-based access control concepts
• Expertise in identity federation and multifactor authentication management
• Expertise in authentication and authorization flows
• In-depth knowledge of public key infrastructure (PKI) and encryption
• Strong knowledge of Zero Trust security principles
• In-depth knowledge of Microsoft Windows operating systems
• Good working knowledge of basic networking concepts, including TCP/IP, DNS, and DHCP
• Solid scripting skills in PowerShell Microsoft Graph PowerShell, and Microsoft Graph API
• Strong analytical, critical thinking, and problem-solving skills
• Ability to troubleshoot and resolve system, application, security, and performance issues
• Strong communication, interpersonal, and cross-functional collaboration skills
• Ability to articulate issues, risks, and proposed solutions to various levels of technology staff, management, and non-technical audiences
• Strong attention to detail and accuracy
• Ability to document and maintain security and monitoring policies, procedures, and configurations
• Ability to multitask efficiently yet prioritize and organize competing work demands
• Demonstrated integrity and commitment to strict ethical standards in all professional dealings
• Proven record of reliability and dependability
• Candidate must be a self-starter and independent, yet function as an integral part of a team
• Proven ability to work independently and collaboratively in a fast-paced, and security-conscious environment
• Candidate must demonstrate a high degree of initiative and motivation
• Ability to work flexible hours and be on-call
• Bachelor’s degree in Computer Science or related field, or equivalent work experience
• 7+ years of professional experience managing medium-to-large enterprise Microsoft Windows AD DS environments, preferably in a law firm or professional services environment
• 3+ years of experience with Microsoft Entra ID in hybrid environments
• Extensive experience managing and securing all aspects of Active Directory Domain Services
• Considerable hands-on experience with Azure/Entra ID cloud security, including, but not limited to conditional access, RBAC, Defender for Endpoint, Defender for Cloud, and Defender for Identity
• Experience managing multifactor authentication solutions and single sign-on implementations
• Experience managing Privileged Access Management tools

Nice To Haves

• API programming skills are preferred
• Basic understanding of AI model infrastructure security is preferred
• Relevant Microsoft certifications: Azure Security Engineer Associate and Identity and Access Administrator Associate, or equivalent are preferred
• Professional cybersecurity certifications, such as Security+, GSEC, GCIH, etc., are preferred

Responsibilities

• Manages, optimizes, and maintains enterprise identity platforms (e.g. Active Directory Domain Services, Entra ID)
• Implements secure IAM frameworks in Entra ID and Azure, including roles, RBAC, PIM, conditional access policies, MFA, and SSO
• Manages and optimizes non-human identity and permissions lifecycle processes
• Collaborates with technology teams to ensure least privilege, JIT access models, and access lifecycles across on-premises and cloud environments
• Conducts regular access reviews
• Monitors and audits user activity to identify and evaluate anomalous behavior and activity, and coordinates with other IT staff and external parties as needed
• Manages vendor remote access and privileged access management systems
• Monitors and analyzes performance, availability, and security alerts for servers, applications, and services, using various tools and methods, such as dashboards, alerts, reports, logs, etc.
• Monitors, detects, and responds to security incidents and threats related to identity and access using ITDR, EDR, and SIEM tools
• Provides Tier 3 technical support, root cause analysis, and guidance for identity-related issues
• Implements and maintains security configurations to protect against unauthorized access and other security threats against the firm’s on-prem infrastructure and cloud-based platforms
• Develops and maintains automation scripts to automate administrative and routine tasks and process improvement
• Collaborates with information security and compliance teams to ensure compliance with industry standards
• Supports project delivery and execution of tasks related to areas of team responsibility
• Stays current with emerging trends and best practices in identity and access management, identity protection and governance, and cloud security
• Documents and enforces identity governance procedures

Benefits

• competitive compensation
• excellent benefits package