Airitos
Active Directory Engineer
Airitos, Waukesha, Wisconsin, United States, 53188
Active Directory Engineer - Atlanta, GA., San Diego, CA., or Bedford, MA
Seeking an experienced Active Directory (AD) engineer to supplement the existing team and provide IAM strategy recommendations. The candidate must have a strong background in designing, building, and maintaining complex global directory environments. This position is a hybrid role: 60% in office and 40% remote. Office locations include Bedford, MA, Atlanta, GA, San Diego, CA, and Waukesha, WI.The candidate will be able to successfully perform the following activities:Engineering, deploying, operationalizing, maintaining, and supporting tools associated with AD.Contributing to the engineering and support of AD as needed.Communicating service directions, features, and roadmaps.Providing technical leadership to others with less knowledge or experience.Assisting with currency and patching.Liaising with, training, and supporting operational teams.Participating in ad-hoc incident response for Active Directory platforms, when needed.Assisting in technology evaluations and guiding proof of concepts.Participating in solution design discussions.Assisting with remediating prioritized vulnerabilities in AD.Assisting with disaster recovery planning for AD.Making recommendations for improving and securing the AD environment.Providing IAM strategy recommendations.Required Skills:
Senior and experienced AD Engineer (5-7 years) with some Large Enterprise Experience.5+ years of experience in directory services engineering.2+ years in IAM strategy.Manufacturing experience.Good understanding of AD security.Experience with implementing and maintaining AD Tools, including:Microsoft ATA/AATP/Defender for IdentityMicrosoft ADRES (AD Recovery Execution Service)Quest tools (e.g., Change Auditor, Recovery Manager, Enterprise Reporter, Migrations Manager)Alternative vendor tools that fall into the same area.Experience with processes such as:Supporting SOCPeriodic recovery testing of ADExperience in AD Business Continuity and Disaster Recovery Planning and testing processes.Experience with the following AD capabilities:Microsoft Defender Credential GuardKerberos and insecure authentication protocolsGroup Policy Preferences administration for local administration accountsLocal Security AuthorityDomain Control Communications Digital SigningSID History ReportingMicrosoft's Rapid Modernization Plan (RAMP)OU DesignUEBAMFA for Domain AdministratorsSpooler Service Management SecurityObject-Time to Live (TTL) Auditing and MonitoringLink-Local Multicast Name Resolution (LLMNR)Operationalizing Forest Level BackupsRansomware defense for directory servicesDomain administration script signingPowershell auditing and loggingExcellent interpersonal communication skills with strong spoken and written English.Organizational skills with attention to detail.Business outcomes mindset.Solid balance of strategic thinking with detailed orientation.Collaborative team worker – both in person and virtually using MS Teams or similar.Self-starter, ability to take initiative.Flexibility to accommodate working across different time-zones.Preferred Qualifications:
SAP Access Control.CISSP, CISM, or equivalent certification a plus.Required Education:
Bachelor's degree (BA/BS) from a four-year college or university; or equivalent training, education, and work experience.
#J-18808-Ljbffr
Seeking an experienced Active Directory (AD) engineer to supplement the existing team and provide IAM strategy recommendations. The candidate must have a strong background in designing, building, and maintaining complex global directory environments. This position is a hybrid role: 60% in office and 40% remote. Office locations include Bedford, MA, Atlanta, GA, San Diego, CA, and Waukesha, WI.The candidate will be able to successfully perform the following activities:Engineering, deploying, operationalizing, maintaining, and supporting tools associated with AD.Contributing to the engineering and support of AD as needed.Communicating service directions, features, and roadmaps.Providing technical leadership to others with less knowledge or experience.Assisting with currency and patching.Liaising with, training, and supporting operational teams.Participating in ad-hoc incident response for Active Directory platforms, when needed.Assisting in technology evaluations and guiding proof of concepts.Participating in solution design discussions.Assisting with remediating prioritized vulnerabilities in AD.Assisting with disaster recovery planning for AD.Making recommendations for improving and securing the AD environment.Providing IAM strategy recommendations.Required Skills:
Senior and experienced AD Engineer (5-7 years) with some Large Enterprise Experience.5+ years of experience in directory services engineering.2+ years in IAM strategy.Manufacturing experience.Good understanding of AD security.Experience with implementing and maintaining AD Tools, including:Microsoft ATA/AATP/Defender for IdentityMicrosoft ADRES (AD Recovery Execution Service)Quest tools (e.g., Change Auditor, Recovery Manager, Enterprise Reporter, Migrations Manager)Alternative vendor tools that fall into the same area.Experience with processes such as:Supporting SOCPeriodic recovery testing of ADExperience in AD Business Continuity and Disaster Recovery Planning and testing processes.Experience with the following AD capabilities:Microsoft Defender Credential GuardKerberos and insecure authentication protocolsGroup Policy Preferences administration for local administration accountsLocal Security AuthorityDomain Control Communications Digital SigningSID History ReportingMicrosoft's Rapid Modernization Plan (RAMP)OU DesignUEBAMFA for Domain AdministratorsSpooler Service Management SecurityObject-Time to Live (TTL) Auditing and MonitoringLink-Local Multicast Name Resolution (LLMNR)Operationalizing Forest Level BackupsRansomware defense for directory servicesDomain administration script signingPowershell auditing and loggingExcellent interpersonal communication skills with strong spoken and written English.Organizational skills with attention to detail.Business outcomes mindset.Solid balance of strategic thinking with detailed orientation.Collaborative team worker – both in person and virtually using MS Teams or similar.Self-starter, ability to take initiative.Flexibility to accommodate working across different time-zones.Preferred Qualifications:
SAP Access Control.CISSP, CISM, or equivalent certification a plus.Required Education:
Bachelor's degree (BA/BS) from a four-year college or university; or equivalent training, education, and work experience.
#J-18808-Ljbffr