Beschreibung
For our client in the energy sector, we are looking for an IT Architect (f/m/d) Infrastructure to support the project starting in June.
HintergrundThe IT infrastructure of the company needs to be evolved with a clear focus on increasing security and operational efficiency. The project will define the architecture for the new infrastructure. The top level design phase is
planned to be finished at the End of 2024, followed by detailed design phase in 2025 and the implementation
in the following years.
- Design a Next-Generation Active Directory Infrastructure with extensive Automation: Objective: Conceptualize and design a cutting-edge Active Directory (AD). Utilize the latest AD features for seamless scalability and security. Implement GitOps for version-controlled infrastructure management and automation for configuring deployment, ensuring rapid adaptation to evolving business needs. Focus on complex forest and domain configurations, multi-site replication, and granular group policy management. Ensure least privilege access and regulatory compliance in alignment with organizational requirements. Consider strict RBAC approaches. Ensure comprehensive OS/SW-patching- and autoimage-update mechanisms.
- Design Identity Management Solutions with Secure Authentication Protocols: Objective: Conceptualize and design modern identity management solutions using secure standards for domain-overspanning authentication and authorization, ensuring seamless integration with on-prem enterprise environments. Design adaptive authentication standards to enhance security and user experience. Utilize automation pipelines for seamless deployment and management of authentication services. Utilize GitOps for declarative configuration management, enabling efficient scaling and continuous delivery of identity services.
- Conceptualize a PKI Ecosystem with Secure Key Management and GitOps Integration: Objective: Design and conceptualize a robust PKI and Vault ecosystem with secure key management practices. Develop automated processes for credential rotation and cryptographic key management to enhance security posture. Integrate key management with GitOps workflows to automate certificate lifecycle management and ensure compliance. Employ advanced cryptographic techniques to enhance security and facilitate seamless key distribution across the infrastructure.
- Conceptualize the Enforcement of Zero Trust Security Principles: Objective: Define hands-on Zero Trust security principles and strategies. Design automated solutions to mitigate security risks and enforce strict access controls based on identity and context.
- Microsoft Active Directory (AD)
- PKI Implementation
- Identity Management
- Password(less) Technologies
- Identity Federation Protocols
- Zero Trust Security Principles
- GitOps Methodologies / Ansible-based Windows Management / Operational Management Efficiency
- Multi-Security-Zoning Principles
https://www.etengo.de/it-projektsuche/93735/