Active Directory Security Engineer (m/f/d) | 04989

Beschreibung

Active Directory Security Engineer (m/f/d)
With around 1000 employees and currently 500 freelance consultants, we support well-known companies in the implementation of their IT projects.

For one of our clients near Nuremberg we are looking for an Active Directory Security Engineer (m/f/d) on a freelance basis.
Aufgabenbeschreibung:

• implementation coordination and 4th level escalation consultation of complex, enterprise level Active Directory solutions, specifically pertaining to security.
• The individual will work outside the engineering organization, rarely interacting with peer teams and partner groups, scaling and deploying improvement, consolidation and migration efforts within the enterprise.
• The candidate must be able to operate and function well in a multi-cultural, geographically dispersed virtual team environment.

Anforderungen:

Required Skills

• At least 5-10 years of dedicated Active Directory engineering and architecture experience that includes implementing and maintaining complex enterprise level (50K+ objects) Active Directory solutions and security models
• Overarching broad and deep technical experience with Active Directory Security

Extensive experience and advanced knowledge implementing Windows security concepts and policies, least-privilege design principles, Active Directory Hardening,

• Extensive knowledge of AD Security best-practices, latest security threats/trends and mitigation thereof

Experience with best practices for Active Directory disaster recovery, object management, security models and trust creation
Granular ACE permissions models meeting functional and technical requirements
Advanced PowerShell scripting experience and capabilities
Strong working knowledge of Windows 2008, 2012 and 2016 operating systems platforms, DNS, networks, DMZs, firewalls, network security zones and IPv6
Deep, in-depth working knowledge of Kerberos and NTLM authentication, MFA, SSO and federation technologies
Extensive and deep knowledge of Group Policy Objects (GPOs), engineering, implementing and 3rd party management solutions thereof
Strong knowledge of LDAP and ability to comfortably construct queries
Experience performing large scale upgrades, migrations, transitions and consolidation of Active Directory domains and forests
Experience in configuring and managing Azure AD, Conditional Access, AAD Connect and ADFS.
Understanding in modern authentication protocols (OpenID connect, Oauth, SAML2)
Experience and confidence to be the subject matter expert (SME) in an environment of this size and scale in order to coordinate technical efforts and resolve issues across multiple teams
Working knowledge of Certificate/CA/PKI infrastructure
Excellent communication skills, including proven experience effectively communicating technical challenges and solutions to peers, customers and senior management

Required Skills
Experience and knowledge in the MS Admin tiering model and PAW concept
Microsoft Log Analytics,
Microsoft Advanced Threat Analytics (ATA)
Microsoft Azure AD
Microsoft management and monitoring solutions (SCCM, SCOM)

beneficial Skills:
Experience with Microsoft's Enhanced Security Architecture Environment (ESAE) - "Red/Bastion/Admin" forest design; including JIT (just in time) & JEA (just enough administration) concepts;

Start: 01.05.19
Duration: 6 month
Workload: Fulltime - some Remote work is possible
Location: Herzogenaurach (near Nuremberg)
If you are interested, we look forward to receiving your skill profile: