Active Directory Sr. Systems Engineer.
Worksite Type : Hybrid; 2 days in office based out of Mississauga
The primary responsibility of the role will be configuring, managing, access governance, maintaining, and optimizing IAM/Active Directory ecosystem in a hybrid cloud design (on premise, Azure, AWS). The role is a blend of administration & field support therefore a positive approach to customer service with demonstrated ability to handle high pressure support needs in a calm, respectful, and efficient manner.
Responsibilities
- SME on Access Management & Identity Governance and Administration on Microsoft enterprise systems, Identity life cycle management.
- Expert in documentation, workflows, system configuration, optimization, and support related to access, while working with IT teams to deploy new applications and functionality.
- Good to have experience on IGA products and technologies from PING, SailPoint, Okta, Microsoft, CyberArk, etc
- Participate in projects and production support operations focused on implementing Identity and Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations.
- Ability to support application and admin user access to both on premise and cloud (Azure AWS)
- Manage and maintain privileged identity Access Management(IAM) across products and services (users, groups, computers, etc.)
- Experience with Single sign on(SSO) and multi factor authentication(MFA) and SCIM Integration
- Expert knowledge of authentication protocols with SAML, OAuth, OpenID and Kerberos
- Understand and manage Group Policy Objects (GPOs), certificates, and their impact on Active Directory.
- Strong scripting and automation abilities PowerShell/PowerCLI is a must have. Good Terraform. expertise in added advantage.
- Expert knowledge and experience working with Protect Privileged Access Products like – Secret Server and Identity Manager.
- Maintain configuration control of accounts, access and AD objects stay within accordance of established Security Policies.
- Experience creating technical architecture documentation and DevSecOPS.
Qualifications & Requirements
- Degree in Computer Science/IT or equivalent
- 6-10 years in a senior technical role supporting Privileged Access lifecycle and related eco-systems that deliver secure access for users to applications, servers and desktops
- 3-5 years with cloud-based IAM solutions– good to have
- 3-5 years provisioning and supporting cloud services
- Windows Server Administration Fundamentals - Understanding Active Directory
- Industry-leading identity and Access Administrator – Sailpoint, Okta, PING, Azure etc.
- Microsoft - MCSE Server Infrastructure certification
- AWS or Azure certification
What Sets You Apart
- Exceptional communication skills and ability to work cohesively in a team environment