Vacancy expired!
- Strategize, system design, architect, and oversee client’s enterprise Active Directory and domain controller functions, including Active Directory trusts, forest, domain tree structures, LDAP, ADFS, DNS, DHCP, domain controller recovery, authentication to the enterprise AD for non-AD integrated applications, AD PKI/CA management, security related audit and compliance, integration, and AD provisioning through the extensive use of IAM.
- Identify, evaluate, and participate in decision making around new extension technologies, such as GPOADmin or ADManager Plus, and disaster recovery planning and testing for all aspects of the environment.
- Develop, expand, operate, and optimize the entire AD/ADFS/IAM infrastructure through robust process design, metrics, tools, to ensure security and compliance with technology standards, roadmaps, and policies.
- Contribute to the strategy, architecture, and system design of clients’s enterprise infrastructure (on premise and cloud), hyperconverged platform, enterprise data management, and virtual desktop environment.
- Maintain, monitor, troubleshoot, and optimize services reliability, performance, supportability, and security of infrastructure by measuring and monitoring availability, latency, and overall system health.
- Develop asset inventory and manage their lifecycle (obsolescence, modernization, refresh).
- Create and document system architecture, tradeoffs, and design decisions.
- Automate routine tasks for deployment, configuration, and monitoring for all of the above.
- Implement, administer, and audit systems for compliance with existing security practices.
- Build strong relationships with business units, Information Security, Architecture and Application software teams, and vendors. Respond and communicate on any/all network and infrastructure configuration, troubleshooting, questions, and inquiries.
- Work with 24/7 cross-geography team to provide on-call support on network and infrastructure related tasks.
- Support the planning, implementation, configuration, troubleshooting, operations, and end-to-end administration of VMware VDI Horizon View infrastructure running Window 10 instant, linked, and full clones.
- Deep understanding in Office365 platform, Exchange, AD integrated DNS, AD Connect health, creating and managing user groups, SharePoint, and file shares.
- Hands on experience in migration of all the Directory objects from the source (Multiple Domains) to the target Single Domain.
- Excellent scripting skills (PowerShell, python, etc.).
- Good Windows and Linux troubleshooting skills, capable of leading through incident detection, analysis, root cause identification, and remediation.
- Knowledge of vulnerability assessments and penetration tests.
- Strong knowledge of internet routing protocols and techniques such as TCP/IP, IPsec, NAT/Firewall rules, and static and dynamic routing protocols (BGP, OSPF).
- Network load balancer, knowledge of single sign-on, federation, active directory, and OU delegation.
- AWS VPC, VPC Gateway, transit gateways, ELB, EC2, S3, Glacier, etc.
- Understanding file systems ZFS, XFS, NTFS along with enterprise storage (NAS/SAN)/data protection/backup technologies.
- Deep understanding of virtualization and hypervisors including Hyper-V, VMWare/ESX, vSphere, vSAN, NSX Cloud, Virtual Desktop Interface (VDI) administration.
- App Virtualization using VMware ThinApp, App Volumes.
- Experience on any of the monitoring tools, like Nagios, SolarWind, Splunk, Alert Logic, Tivoli, etc.
- Bachelor’s or Master’s degree (preferred) in Computer Science or related field.
- Seven (7)+ years of industry experience in design, architecture, and administration of Active Directory, Active Directory Federated Services, User Access and Identities, DNS, DHCP, GPOs, OU, FRS, RDP, AD authentication protocols Kerberos, NTLM, LDAP, and TLS.
- Solid hands-on experience in setting up and managing ADFS, ADFS claims rules, ADFS replying party trusts, managing/fixing data in a IAM environment, terminal servers, RemoteApp management, and GPO administration.
- Three (3)+ years of experience in provisioning, coding, and management of User Access and Identity data, privilege account, and password vaulting for cloud infrastructure, on premise servers, containers, and process automation along with session management, threat analytics, privilege elevation and delegation.
- Familiarity with deployment and management systems such as Ansible, Puppet, Salt, Chef, Packer, Terraform, etc.
- Familiarity with REST/SOAP/JSON APIs.
- Familiarity with IT compliance and risk management requirements e.g. PCI, PII, SOC I & II, ISO27001, NIST, etc. is highly desired.
- Understanding of departmental data center build out, including power, UPS, HVAC, cabling, and networks.
Vacancy expired!