Enterprise Identity Engineer -IAM

Responsibilities:

• We are seeking a highly skilled engineer to manage and support enterprise identity and security infrastructure. This role involves administration, troubleshooting, and automation across Active Directory, certificate services, federation services, and related technologies. The ideal candidate will have strong expertise in authentication protocols, scripting, and cloud integration.
• Please note that this position includes the enterprise administrator role, which is Tier 0 security access. Due to the cybersecurity risks associated with this level of access, we are requesting additional items to be included in the background check review. Please see the attached enhanced background check request for details on these requested items.

Key Responsibilities

• Administer and maintain Active Directory (AD), including domain controllers, replication, and security hardening.
• Manage Active Directory Certificate Services (ADCS) and Public Key Infrastructure (PKI).
• Support Active Directory Federation Services (ADFS) and integration with identity providers.
• Implement and maintain Azure Information Protection (AIP) for data security.
• Utilize Quest tools (Change Auditor, RMAD, GPOAdmin) for auditing, recovery, and policy management.
• Configure and manage Hardware Security Modules (HSM) for cryptographic operations.
• Deploy and manage infrastructure in AWS using Terraform for automation and Infrastructure-as-Code.
• Ensure secure authentication using Kerberos, including SPNs and Keytabs.
• Design and enforce Group Policies for security and compliance.
• Develop automation scripts using PowerShell for operational efficiency.
• Collaborate with security teams to ensure compliance with organizational standards.
• Provide on-call support for critical identity and security services as part of a rotation schedule.
• As a member of an agile team, participate in Agile ceremonies and collaborate with application developers, business customers, project managers, and other infrastructure teams.

Required Skills & Qualifications

• Strong experience with Active Directory, ADCS, ADFS, and PKI.
• Proficiency in Kerberos authentication, SPNs, and Keytab management.
• Hands-on experience with Group Policy Objects (GPO) and policy troubleshooting.
• Advanced PowerShell scripting for automation and reporting.
• Familiarity with Azure Information Protection (AIP) and identity security.
• Experience with Quest tools: Change Auditor, RMAD, GPOAdmin.
• Knowledge of HSM configuration and cryptographic key management.
• Cloud experience with AWS and Infrastructure-as-Code using Terraform.
• Strong understanding of enterprise security principles and best practices.

Soft Skills

• Excellent problem-solving and analytical skills.
• Strong communication and documentation abilities.
• Ability to work independently and in a team environment.

Top 3 skill sets/technologies required for qualification:

1. Active Directory (AD), including domain controllers, replication, and security hardening.
2. Active Directory Certificate Services (ADCS) and Public Key Infrastructure (PKI).

Terraform and Infrastructure

About SES:
Systems Engineering Services Corporation (SESC), founded in 1989, is a leading provider of technology solutions to Fortune 1000 companies and government organizations. Specializing in Accelerated Development Services (agile application development, mobile, systems integration, project and program management), Architecture Services (SOA, microservices, Cloud), Data Services (DW, BI, Big Data), Testing, Cyber Security and DevOps, SESC is guided by a corporate mission to provide valuable solutions to our client s technology needs through responsive quality services.
Contact Information:
Please contact me for all of the details of the client company, environment, and the position. I look forward to speaking with you.

Jim Murphy