Systems Engineer I

First Horizon Bank•Metairie, LA

4d•Onsite

About The Position

We are seeking a motivated Systems Engineer I to support and improve enterprise directory services across On‑prem Active Directory and Microsoft Entra ID. Candidate will execute detail‑oriented engineering changes that reduce security risk, improve operational hygiene, and meet audit expectations. They will collaborate across teams, follow a disciplined change lifecycle, and document consistently. We have identified a substantial body of Active Directory and Entra ID work required to bring our directory services closer to best practices and meet security, audit, and operational expectations. This effort spans both on‑prem and cloud identity and includes: Active Directory and Entra ID security hardening, Cleanup and standardization of Group Policy Objects, DNS infrastructure hygiene, scavenging, and replication consistency, AD Sites & Services cleanup and subnet alignment, Cleanup of users, groups, privileged accounts, and service accounts. Many of these items carry high security risk and high operational impact. Each change typically requires: Research and validation against Microsoft guidance and our internal standards, Lab or pilot testing, Coordination with Tech Risk and other teams, Careful production rollout. Incorrectly implemented directory changes can cause authentication failures, access outages, or security regressions. This is long‑running, detail‑oriented engineering work—not task execution.

Requirements

Bachelor’s degree in Computer Science, Information Technology, or related field; or equivalent practical experience.
Foundational experience with Active Directory and Entra ID through coursework, labs, internships, or professional roles.
Familiarity with GPOs, DNS, AD Sites & Services, replication, and user/group/service account administration.
Understanding of security hardening principles and change management discipline.
Strong analytical and problem‑solving skills. High attention to detail.
Clear written and verbal communication skills. Team‑oriented mindset.
Interest in automation and scripting to improve efficiency.
Ability to work independently and in a fast‑paced, collaborative environment.

Responsibilities

Assist with investigation and resolution of directory‑related issues, including authentication, authorization, replication, GPO, and DNS.
Support escalations. Perform root cause analysis. Drive corrective actions.
Execute security hardening for Active Directory and Entra ID.
Clean up and standardize Group Policy Objects.
Improve DNS hygiene, scavenging, and replication consistency.
Clean up AD Sites & Services and align subnets.
Remediate users, groups, privileged accounts, and service accounts.
Monitor health and performance. Maintain stability and reliability.
Research and validate changes against Microsoft guidance and internal standards.
Build and use labs or pilots to test changes safely.
Coordinate with Tech Risk and cross‑functional teams on risk and rollout.
Plan careful production deployments. Verify outcomes and rollback when needed.
Use scripting to streamline directory tasks, cleanups, and reporting.
Leverage AI to determine best of breed solutions and automation.
Create and maintain clear diagrams, runbooks, and standard operating procedures.
Track configurations, changes, and decisions for audit readiness.
Work closely with security, Tech Risk, networking, systems, and application teams.
Communicate clearly with technical and non‑technical associates.
Participate in an on‑call rotation to support critical identity issues.