The Redmond Cloud

Microsoft Cloud Identity Architect

TEKsystems, Inc
March 26, 2019
Baltimore, MD
Job Type


Our Client is looking to bring on a Sr. Identity Engineer to join their team. They are in the process of moving a lot of their on-premise infrastructure, systems, and applications into the cloud into the cloud, they would like to identify an AD Engineer who has recent experience with implementing and supporting IAM tools (they use Sailpoint IdentityNow- SaaS cloud based product) and supporting cloud environments (MS Azure, O 365, etc.). They would like this person to sit on-site since the remote aspect hasn't worked well in the past for Martin and his team.

* Active Directory Infrastructure experience-AD Domains and Trusts, AD Sites and Services, Users and Computers
* Domain Consolidation
* AD Least privilege model mindset- fine-grained role delegation
* Creating and implementing Group policy
* Independent/Exceptional troubleshooting skills
* Microsoft Azure/office 365 experience with Hybrid environments
* Azure Active Directory, Directory sync
* Azure PIM
* Azure B2C, Azure B2B
* Sailpoint/IdentityNow
* Azure/O365 tenant migration
* Intermediate PowerShell skills

* Azure SSO
* FIM (Forefront Identity Manager)
* Microsoft ATA ( Advanced Threat Analytics)
* Microsoft CAS

Key projects:
* Includes Privileged Access Management, Role Based Access Control and User Lifecycle Management, Global AD consolidation
* Initial ULM/User Provisioning to occur with ServiceNow deployment
* Migration from FIM (currently running 3 different versions) to Sailpoint IdentityNow
* IPAM project (Identity Privileged Access Management)
* Azure Information Protection
* CASB----Cloud Access Security Broker

This person should have a background within Active Directory administration and at least familiar with security logs and incident handling.The Security Log, in Microsoft Windows, is a log that contains records of login/logout activity or other security-related events specified by the system's audit policy. Auditing allows administrators to configure Windows to record operating system activity in the Security Log. They utilize 2 software tools for event logs and analytics: Cloud Access Security Broker (CASB) and Microsoft Advanced Threat Analytics (ATA).

CASB protects enterprise systems against cyberattacks through malware prevention as well as data security that makes data streams unreadable by outside parties.

ATA searches for 3 main types of attacks: Malicious attacks, abnormal behavior, and security issues and risks.

Job Description

Summary: Responsible for ensuring the availability and continuity of the Microsoft Active Directory and Exchange environments as well as working on a diverse array of deliverables in a large, complex environment. The ability to communicate clearly, deliver a high level of customer service, and think strategically are key attributes for this role.

Primary Job Duties:
* Provide in-depth technical expertise through planning, designing, installing, configuring, and supporting the Directory (Microsoft Active Directory and Microsoft Identity Life-cycle Manager, Forefront Identity Manager).
* Develop life cycle oriented processes and procedures for maintenance and support
* Resolve escalated account management, user access, connectivity and support issues
* Monitor system utilization and capacity and assess results in order to define future system capacity requirements
* Assist in setting standards for delivery of Identity services
* Assist maintaining technology road maps for services
* Research and evaluate new products and technologies that enhance and improve services in response to business or technical drivers
* Review system plans and designs for proposed changes
* Mentor and assist team members with technical skills development and process creation
* Serve as liaison to peers, vendors, or partners to facilitate problem resolution

Minimum Education and/or Experience:
* B.S. in Computer Science or Information Systems or equivalent work experience
* 8-10 years demonstrable experience administering and supporting Microsoft Active Directory and Exchange (10,000+ users preferred); and experience with a Microsoft IAM product (MIIS, ILM, FIM)
* Experience with migration and consolidation of directory and messaging environments
* In-depth knowledge of several Microsoft server-based products (e.g. ISA, IIS, MIIS,ILM, FIM, SQL Server 2005 Enterprise, Windows Server 2003, 2008, 2008 R2)
* Experience managing Microsoft Identity Lifecycle Manager, Forefront Identity Manager
* Experience with Scripting, Powershell, and development in object oriented languages
* Demonstrated experience presenting technology recommendations from a business perspective
* Excellent interpersonal communication skills including listening, oral, and written presentation of ideas

Skills and Competencies:
* Knowledge of industry best practices related to Identity Services, monitoring, storage, backup and disaster recovery
* Solid understanding of networking and distributed computing concepts, including the principles of network routing, load balancing and client/server
* Comfortable working in a dynamic, highly-communicative team environment Demonstrated skills in the areas of critical thinking and problem solving

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please call 888 472-3411 or email accommodation@teksystems .com for other accommodation options.

Only registered members can apply for jobs.

Related Jobs

April 2, 2019
Microsoft Azure eBook

Related posts

Cloud Engineer

Systems Engineer – Cloud

Cloud Monitoring and Automation Engineer, IT Infrastructure & Operations (I&O)

Systems Engineer (Cloud Platform)

Cloud / Virtualization Systems Engineer

Data Analyst