TEKsystems
Active Directory Engineer
TEKsystems, Charlotte, North Carolina, United States, 28245
No C2C. W2 only. Must work onsite in Charlotte, NC 3 days a week.TEKsystems is currently looking for an Active Directory Engineer that will be responsible for analysis, design, implementation coordination and 4th level escalation support of complex, enterprise level Active Directory solutions, specifically pertaining to security. This individual will work within the engineering organization, interacting with peer teams and partner groups, scaling and deploying improvement, consolidation and migration efforts within the enterprise. The candidate must be able to operate and function well in a geographically dispersed virtual team environment.Required Skills:
At least 5-10 years of dedicated Active Directory engineering and architecture experience that includes designing, implementing and maintaining complex enterprise level (50K+ objects) Active Directory solutions and security models.Overarching broad and deep technical experience with Active Directory Security.Extensive experience and advanced knowledge implementing Windows security concepts and policies, least-privilege design principles.Extensive knowledge of AD Security best-practices, latest security threats/trends and mitigation thereof.Experience with best practices for Active Directory disaster recovery, object management, security models and trust creation.Granular ACE permissions models meeting functional and technical requirements.Deep, in-depth working knowledge of Kerberos and NTLM authentication, MFA, SSO and federation technologies.Extensive and deep knowledge of Group Policy Objects (GPOs), engineering, implementing and 3rd party management solutions thereof.Strong knowledge of LDAP and ability to comfortably construct queries.Working knowledge of Certificate/CA/PKI infrastructure.Excellent communication skills, including proven experience effectively communicating technical challenges and solutions to peers, customers and management.Desired Skills:
Experience with Microsoft's Enhanced Security Architecture Environment (ESAE) - "Red/Bastion/Admin" forest design; including JIT (just in time) JEA (just enough administration) concepts; Microsoft PAM (Privileged Access Manager).Experience engineering password vaulting solutions (CyberArk, Lieberman, Thycotic, etc.).PowerShell scripting experience and capabilities.MS SQL/DB knowledge.Microsoft or 3rd party management and monitoring solutions (SCCM, SCOM, VCM, NetIQ GPDH/GPA).Unix/Linux skills; Vintela VAS integration; RedHat IdM.Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:Medical, dental & visionCritical Illness, Accident, and Hospital401(k) Retirement Plan - Pre-tax and Roth post-tax contributions availableLife Insurance (Voluntary Life & AD&D for the employee and dependents)Short and long-term disabilityHealth Spending Account (HSA)Transportation benefitsEmployee Assistance ProgramTime Off/Leave (PTO, Vacation or Sick Leave)About TEKsystems:We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
#J-18808-Ljbffr
At least 5-10 years of dedicated Active Directory engineering and architecture experience that includes designing, implementing and maintaining complex enterprise level (50K+ objects) Active Directory solutions and security models.Overarching broad and deep technical experience with Active Directory Security.Extensive experience and advanced knowledge implementing Windows security concepts and policies, least-privilege design principles.Extensive knowledge of AD Security best-practices, latest security threats/trends and mitigation thereof.Experience with best practices for Active Directory disaster recovery, object management, security models and trust creation.Granular ACE permissions models meeting functional and technical requirements.Deep, in-depth working knowledge of Kerberos and NTLM authentication, MFA, SSO and federation technologies.Extensive and deep knowledge of Group Policy Objects (GPOs), engineering, implementing and 3rd party management solutions thereof.Strong knowledge of LDAP and ability to comfortably construct queries.Working knowledge of Certificate/CA/PKI infrastructure.Excellent communication skills, including proven experience effectively communicating technical challenges and solutions to peers, customers and management.Desired Skills:
Experience with Microsoft's Enhanced Security Architecture Environment (ESAE) - "Red/Bastion/Admin" forest design; including JIT (just in time) JEA (just enough administration) concepts; Microsoft PAM (Privileged Access Manager).Experience engineering password vaulting solutions (CyberArk, Lieberman, Thycotic, etc.).PowerShell scripting experience and capabilities.MS SQL/DB knowledge.Microsoft or 3rd party management and monitoring solutions (SCCM, SCOM, VCM, NetIQ GPDH/GPA).Unix/Linux skills; Vintela VAS integration; RedHat IdM.Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:Medical, dental & visionCritical Illness, Accident, and Hospital401(k) Retirement Plan - Pre-tax and Roth post-tax contributions availableLife Insurance (Voluntary Life & AD&D for the employee and dependents)Short and long-term disabilityHealth Spending Account (HSA)Transportation benefitsEmployee Assistance ProgramTime Off/Leave (PTO, Vacation or Sick Leave)About TEKsystems:We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
#J-18808-Ljbffr