Lead Cyber Security Architect/Engineer

Lead Cyber Security Architect/Engineer

Charlotte, NC

12 months+

Serve as a subject matter expert for Directory Services (AD / AAD) under the IAM services portfolio? Perform in the capacity of AD / AAD Engineer ? Understand how the service works from a business/end-user/technical perspective? Have command of the service including its capabilities and proper use? Execute proof-of-concepts guided by Service Manager and Director? Complete assigned project/tasks in a timely manner? Interact with key stakeholders and project/program teams to understand their requirements and architect solutions based on best practices? Ensure proper oversight for quality assurance of IAM artifacts? Architect, own, and maintain processes, metrics, and procedures? Enforce adherence to architectural standards/principles? Proactively provide feedback regarding infrastructure IAM engineering methodologies, standards, and leading projects? Minimize technical exposure and risk on projects? Delivers and manages a highly available, stable, and secure Directory Services environment? Drive value realization for the services and technology within the cybersecurity controls organization? Participates in the testing (e.g., planning and execution) related to performance, disaster recovery, and business continuity for AD and AAD? Work with Solution Architect and onboard new technologies which can enhance the security of Active Directory and Azure Active Directory.? Design & implement new solutions like Windows Hello for Business, MFA, Conditional Access, TAP, Entra Lifecycle management, Secure Service Edge, Authentication strengths and Application management.? Understanding of Design & Implementation of Microsoft Defender for Identity (MDI) on all the Domain Controllers. Integrating it with Syslog server and generating the security events? Understanding of design and implemented Conditional Access policy which enhances the security of Identity, device & Cloud applications as part of the Zero trust methodology.? Understanding of design and Implemented Quest-On Demand Recovery, RMAD, and Forest recovery for end-to-end disaster recovery of Active Directory and Azure AD.? Design and Implement Azure AD B2B.? Design and Implemented Multifactor solutions ? Understanding of ADFS ? Managing day to day Changes, Escalations and Incidents related to the internal AD & AAD infrastructure.? Configuring and Managing of Active Directory infrastructure on Windows Server.? Good knowledge on PowerShell for Active directory/Azure AD.? Administration of the complete ADUC structure and make changes to the design? Active Directory Objects via Active Directory Users and Computers. Components Restriction, Folder Redirections, Software Deployment. Administrative Templates, Windows Settings, Group Policies.? Working on Azure AD and Azure AD Connect.? Collaborate with global team members based in the US, India, and EMEA.

Must be US Citizen - This is ITAR RequirementBachelor?s or graduate degree in a computer-related field such as Computer Science, Computer Information Systems or equivalent.? 5+ years of experience in Information / Cyber Security or Information Technology fields? 2+ years developing, architecting, and implementing enterprise class IAM/security solutions.? Good understanding of Identity and Access Management services (SSO, LDAP, IGA, PKI, etc.)? Good understanding of enterprise environment and how IAM services connect in a highly matrixed organization? Attention to detail and willingness to learn

Securing the Directory from both a physical and logical aspect? Defining the logical organizational structure (OU/Tree organization)? Understanding of LDAP structures such as schemas, object classes, and attributes? Understanding of Administrative model (how we manage objects)? Authentication & Authorization types (Federation/SSO, LDAP/Kerberos, MFA)? Knowledge of on premises & cloud directory functions? Directory synchronization? Directory consolidation? Working knowledge of MS Windows? Understanding of DNS & Networking? Active Directory specific experience? Scripting knowledge including bash, PowerShell, python etc.? Troubleshooting experience with Directory replication? Group Policy Management? Detailed knowledge of Azure AD & Azure AD Connect? Working knowledge of Conditional Access Policies? Knowledge/Experience with Directory as a Service (DaaS)? Experience with federation services? Experience with testing concepts and techniques? Working knowledge of Unix/Linux? Identity security best practices? Results-focused visionaries that consistently deliver high-quality solutions.? Understanding of ITIL process, such as Incidents, Change & Problem management? Experience in working in a global, process-driven organization? Experience managing a geographically split organization and working in a multi-cultural environment? Interpersonal communication and organizational skills? Understanding of encryption, certificates, and digital signatures