Senior Systems Engineer

About The Position

Requirements

• Hold a degree in a technical field or possess equivalent experience.
• Have at least 5 years of professional IT experience with a track record of successful project delivery
• The ability to prioritize your own workload effectively.
• Proficient in using PowerShell and other scripting tools (e.g. Terraform, Ansible, Bash, Python) for configuration and automation for object management and other repetitive tasks
• Competence in installing, configuring, and running MS Windows Server and basic proficiency in Linux
• Infrastructure as code experience
• Understanding Active Directory architecture (domains, trees, forests, trusts) and how to keep a geo-diverse domain healthy by understanding replication and topology
• Proficient in Active Directory schema, attributes, processes security and controls
• Experience in deployment running of a Certificate Authority within the Microsoft environment (issuing CAs, CRL deployment, template management)
• Understanding of Entra ID architecture, its differences from Active Directory and how to maintain the two Identity services whilst ensuring they stay in sync
• Knowledge of Azure tenants, subscriptions and directories
• Knowledge of seamless single sign-on (SSO) and Pass-through Authentication.
• Authority in Entra ID roles and privileges
• Authority in maintaining Active Directory, including restoration and recovery of the service
• Understanding of Networking concepts, routing, subnets standard ports and how changes at the network layer can affect Active Directory
• Expert in configuration and integration of Active Directory into DNS
• Familiarity with System Hardening including CIS benchmarks, how Group Policy can be used to enable hardening.
• Expert in Group Policy, inheritance, precedence, and how these can be utilised to customise our environment and their equivalent Compliance policies in Entra ID
• Authoritative in server hardware including SANs and hypervisors, how to build, manage and maintain using code
• Experience of AD domain migrations and consolidations
• Experience in having the role of Active Directory Domain Admin for a company
• Experience with Okta
• Familiar with SAML/OIDC authentication protocols
• Familiar with SCIM
• Strong analytical skills to diagnose and resolve issues and ability to solve complex systems and network problems
• Attention to detail
• Ability to create and maintain detailed documentation of configurations, changes and procedures.
• Positive and collaborative attitude with a willingness to work effectively with others at all levels of the business
• Familiarity with various project management methodologies, enjoy coordinating with other teams and managing timelines
• Continuous learning – keep up to date with the latest features, updates and standard methodologies.
• Ability to identify and pursue opportunities for process improvement, innovation, and pioneering new ways of working.
• Understanding of ITIL processes, such as Incident, Problem, and Change Management.
• Ability to work closely with outsource partners, vendors, and other third parties

Responsibilities

• Contribute to the broader SIE Identity and Access Management community, helping to ensure solutions are kept up to the latest standards and built for the future
• Enhance team efficiencies by applying automation tools and facilitating the seamless transfer of day-to-day operational tasks to the IT Operations Centre
• Ensure all systems adhere to robust security standards through vulnerability management, including patching of operating systems and third-party software, system hardening, and configuration management.
• Take ownership by seeking out ways to improve efficiency and stability of the Identity services while balancing innovation and new technologies.
• Collaborate effectively with the wider IT teams and business units.
• Maintain high standards of documentation and follow established processes and standards.
• Implementing access reviews and privileged identity management (PIM)
• Configuring and managing federated SaaS applications using SAML and OIDC
• Ensuring we have accurate logging for audit and compliance, so we can adhere to relevant regulations and standards (e.g. GDPR, HIPAA) and detect anomalies
• Implement strategies to ensure our Identities are well protected and be recovered quickly
• Perform diagnostics utilising monitoring and diagnostic tools to pro-actively maintain and ensure performance of our Identity services
• Configuring alerts and integrating with security information and event management systems (SIEM)
• Facilitate migrations for acquisitions into SIE's Identity services

Benefits

• medical
• dental
• vision
• matching 401(k)
• paid time off
• wellness program
• employee discounts for Sony products
• bonus package