Airitos
Active Directory Engineer
Airitos - Waukesha, Wisconsin, United States, 53188
Work at Airitos
Overview
- View job
Overview
Active Directory Engineer - Atlanta, GA., San Diego, CA., or Bedford, MA
Seeking an experienced Active Directory (AD) engineer to supplement the existing team and provide IAM strategy recommendations. The candidate must have a strong background in designing, building, and maintaining complex global directory environments. This position is a hybrid role: 60% in office and 40% remote. Office locations include Bedford, MA, Atlanta, GA, San Diego, CA, and Waukesha, WI. The candidate will be able to successfully perform the following activities: Engineering, deploying, operationalizing, maintaining, and supporting tools associated with AD. Contributing to the engineering and support of AD as needed. Communicating service directions, features, and roadmaps. Providing technical leadership to others with less knowledge or experience. Assisting with currency and patching. Liaising with, training, and supporting operational teams. Participating in ad-hoc incident response for Active Directory platforms, when needed. Assisting in technology evaluations and guiding proof of concepts. Participating in solution design discussions. Assisting with remediating prioritized vulnerabilities in AD. Assisting with disaster recovery planning for AD. Making recommendations for improving and securing the AD environment. Providing IAM strategy recommendations. Required Skills:
Senior and experienced AD Engineer (5-7 years) with some Large Enterprise Experience. 5+ years of experience in directory services engineering. 2+ years in IAM strategy. Manufacturing experience. Good understanding of AD security. Experience with implementing and maintaining AD Tools, including: Microsoft ATA/AATP/Defender for Identity Microsoft ADRES (AD Recovery Execution Service) Quest tools (e.g., Change Auditor, Recovery Manager, Enterprise Reporter, Migrations Manager) Alternative vendor tools that fall into the same area. Experience with processes such as: Supporting SOC Periodic recovery testing of AD Experience in AD Business Continuity and Disaster Recovery Planning and testing processes. Experience with the following AD capabilities: Microsoft Defender Credential Guard Kerberos and insecure authentication protocols Group Policy Preferences administration for local administration accounts Local Security Authority Domain Control Communications Digital Signing SID History Reporting Microsoft's Rapid Modernization Plan (RAMP) OU Design UEBA MFA for Domain Administrators Spooler Service Management Security Object-Time to Live (TTL) Auditing and Monitoring Link-Local Multicast Name Resolution (LLMNR) Operationalizing Forest Level Backups Ransomware defense for directory services Domain administration script signing Powershell auditing and logging Excellent interpersonal communication skills with strong spoken and written English. Organizational skills with attention to detail. Business outcomes mindset. Solid balance of strategic thinking with detailed orientation. Collaborative team worker – both in person and virtually using MS Teams or similar. Self-starter, ability to take initiative. Flexibility to accommodate working across different time-zones. Preferred Qualifications:
SAP Access Control. CISSP, CISM, or equivalent certification a plus. Required Education:
Bachelor's degree (BA/BS) from a four-year college or university; or equivalent training, education, and work experience.
#J-18808-Ljbffr
Seeking an experienced Active Directory (AD) engineer to supplement the existing team and provide IAM strategy recommendations. The candidate must have a strong background in designing, building, and maintaining complex global directory environments. This position is a hybrid role: 60% in office and 40% remote. Office locations include Bedford, MA, Atlanta, GA, San Diego, CA, and Waukesha, WI. The candidate will be able to successfully perform the following activities: Engineering, deploying, operationalizing, maintaining, and supporting tools associated with AD. Contributing to the engineering and support of AD as needed. Communicating service directions, features, and roadmaps. Providing technical leadership to others with less knowledge or experience. Assisting with currency and patching. Liaising with, training, and supporting operational teams. Participating in ad-hoc incident response for Active Directory platforms, when needed. Assisting in technology evaluations and guiding proof of concepts. Participating in solution design discussions. Assisting with remediating prioritized vulnerabilities in AD. Assisting with disaster recovery planning for AD. Making recommendations for improving and securing the AD environment. Providing IAM strategy recommendations. Required Skills:
Senior and experienced AD Engineer (5-7 years) with some Large Enterprise Experience. 5+ years of experience in directory services engineering. 2+ years in IAM strategy. Manufacturing experience. Good understanding of AD security. Experience with implementing and maintaining AD Tools, including: Microsoft ATA/AATP/Defender for Identity Microsoft ADRES (AD Recovery Execution Service) Quest tools (e.g., Change Auditor, Recovery Manager, Enterprise Reporter, Migrations Manager) Alternative vendor tools that fall into the same area. Experience with processes such as: Supporting SOC Periodic recovery testing of AD Experience in AD Business Continuity and Disaster Recovery Planning and testing processes. Experience with the following AD capabilities: Microsoft Defender Credential Guard Kerberos and insecure authentication protocols Group Policy Preferences administration for local administration accounts Local Security Authority Domain Control Communications Digital Signing SID History Reporting Microsoft's Rapid Modernization Plan (RAMP) OU Design UEBA MFA for Domain Administrators Spooler Service Management Security Object-Time to Live (TTL) Auditing and Monitoring Link-Local Multicast Name Resolution (LLMNR) Operationalizing Forest Level Backups Ransomware defense for directory services Domain administration script signing Powershell auditing and logging Excellent interpersonal communication skills with strong spoken and written English. Organizational skills with attention to detail. Business outcomes mindset. Solid balance of strategic thinking with detailed orientation. Collaborative team worker – both in person and virtually using MS Teams or similar. Self-starter, ability to take initiative. Flexibility to accommodate working across different time-zones. Preferred Qualifications:
SAP Access Control. CISSP, CISM, or equivalent certification a plus. Required Education:
Bachelor's degree (BA/BS) from a four-year college or university; or equivalent training, education, and work experience.
#J-18808-Ljbffr