Systems Engineer

Share only 2 profiles

Candidates must be from PST Zone

LinkedIn is must

Candidates must fill out the skills matrix in detail,

Title: Senior Systems Engineer - Entra ID/Active Directory Services

Visa restrictions: Must be U.S. Citizen or Green Card Holder only

Location: Remote

Duration: 12 months

Must Have Extensive Experience With

• Azure Active Directory (Entra ID)
• IAM/PAM
• Microsoft Azure
• Powershell
  
  

Client has an opening for a Senior Systems Engineer - Entra ID/Active Directory Services.

From Hiring Manager

• Entra ID and Active Directory Services – focus area
• Candidates with mostly cyber security experience or expressed strong desire for cyber security – likely not right for this role
  
  

Job Summary

• As a Senior Identity and Access Management (IAM) Operations Engineer, you will be a part of the Global IT and Technology Risk organization with the responsibility of contributing your advanced experience and technical skills into ZOLL's expanding and complex security infrastructure environment.
• You will be focused on engineering and operating the identity and access management tools which will include engaging and collaborating with internal stakeholders, customers, partners, and vendors.
• You will provide technical expertise and define best practices for cloud-based system and application security during the design and implementation process.
• Oversee the design, implementation, and administration of one or more security/IAM/PAM solutions (e.g., SailPoint IdentityNow, CyberArk, Data Loss Prevention, Cloud Access Security Brokers (CASB), Azure Information Protection, Multifactor Authentication, Conditional Access, Single Sign On/Federation, MCAS, Right Management Services and Azure Information Protection)
  
  

Essential Functions

• Design, implement, and support identity platforms and systems for managing access to all systems across the organization leveraging Entra ID and Active Directory Services.
• Responsible for implementing identity standards and technologies with other applications and business systems (SAML/SSO configurations).
• Collaborate with others in the Identity and Security teams to establish standard operations, new capabilities, as well as provide input on developing access standards and reference frameworks related to Identity & Access Management.
• Proliferate improvements in security access authentication (MFA and risk-based access), accelerating new integrations with systems or 3rd party solutions, working to enable new onboarding and process automation for staff entitlements, assisting in designing new Privileged Access Management (PAM) solutions and working to help integrate password self-service and improved password hygiene standards globally.
• Create and implement least-privilege-based IAM solutions to meet other teams' project and access requirements.
• Support user life cycle processes including, but not limited to, on-boarding and off-boarding of all types of user accounts.
• Support IAM Password Management processes and processing of system access requests.
• Perform administration and maintenance of identity solutions.
• Perform troubleshooting of escalated issues with identity providers or integrations.
• Generate tech specifications, architecture. and documentation for IAM implementations.
• Collaborate in the design, development, and maintenance of user repositories and directories.
• Design and develop enterprise-wide authentication solutions in Active Directory, Entra ID, and Okta.
• Collaborate and partner with Global IT and business stakeholders to enable new Identity concepts, thinking, and integrations.
• Coordinate the implementation of process improvements and automation, and manage escalations, issues or high-priority tasks.
• Provide guidance and mentorship and assign tasks to/for technical teams.
  
  

Required/Preferred Education And Experience

• BS Information technology equivalent required or Related experience in a technology role required
• 7+ years of industry experience required and experience with at least 4 of the following capabilities: SailPoint IdentityNow, CyberArk, Data Loss Prevention (DLP), Hardware Security Modules, Web Proxies, CASB, Single Sign On/Federation, Web Application Security, Online DLP, MCAS, Right Management Services
• Azure Information Protection, mail transfer (Exchange, M365) and network technologies (proxy, firewall, VPN, etc.) required
• Experience supporting business critical solutions and triaging production issues
  
  

Knowledge, Skills And Abilities

• Strong knowledge of risk management standards including identifying risks and solutions/remediations
• Technical understanding across IT systems (e.g., applications, networks, LDAP, domains, etc.) and application authentication techniques.
• Ability to work with an automation mind set, and proven expertise in the use and creation of PowerShell scripts.
• Familiarity with vendor provided MFA and/or risk-based authentication technologies such as Azure/Okta and the integration into the authentication, authorization, and SSO process for applications and systems.
• Must have an understanding of Identity Governance and Administration (IGA) for combining application and system data for access certification, RBAC, access governance.
• Foundational knowledge of Identity Life Cycle Management, Runtime enforcement (APIs), Privileged Access Management, Identity federation (SAML), Conditional Access policies (Azure AD).
• Ability to communicate effectively and coordinate with IT and business stakeholders to support requests for the IAM environment.
  
  

Skills Matrix

Job Requirements

Candidate’s Matching Experience

SCREENING QUESTIONS:

What is the intent behind creating conditional access (or what is your understanding)?

What AD services are you familiar/well-versed with?

Describe your experience with Entra ID and Active Directory Services

7+ years of industry experience required and experience with at least 4 of the following capabilities: SailPoint IdentityNow, CyberArk, Data Loss Prevention (DLP), Hardware Security Modules, Web Proxies, CASB, Single Sign On/Federation, Web Application Security, Online DLP, MCAS, Right Management Services.

Experience with Azure Information Protection, mail transfer (Exchange, M365) and network technologies (proxy, firewall, VPN, etc.)

Ability to work with an automation mind set, and proven expertise in the use and creation of PowerShell scripts

Must have an understanding of Identity Governance and Administration (IGA) for combining application and system data for access certification, RBAC, access governance.