Beschreibung
Start: 15.02.2021 / ASAPEnde: 30.06.2021
Ort: Remote
Onsite: 0 Stunden
Offsite: 300 Stunden
Sprachanforderung: deutsch, englisch
Aufgabe:
We want to secure our company by separating normal from privileged (admin) accesses, to protect our ADs from take-overs and lateral moves.
For that we are searching for an expert who is able to understand and deliver:
• Creates a design adapted to our infrastructure and security needs
• As we are in the middle of a merger, there are still two networks connected via NNI. Areas with duplicate IP ranges could only be connected about PAT / NAT. We have still two big user domains and are in the middle of consolidation other smaller domains. There is a trust planned between these two big user domains. The expert has to understand this situation and to adapt the concept accordingly.
• We have separated on prem resource domains for servers and a separate mail domain managed by an external provider.
• We are using O365 and an Hybrid Exchange setup where most mailboxes are in the cloud. We use other O365 features like Teams and SharePoint. We are in the middle of moving all mailboxes from both companies to one Tenant. The expert should be able to clarify that ESAE (Red Forest) is the correct concept for our needs.
• Clarification of authentication for special accounts (how many and which factors). We have SmartCards and Ping Identity. In the other user domain which will be deleted on long term, we have also MFA running.
• Clarification of infrastructure for secure access for administrators (Terminal Server, VDI, separate local VM)
• Clarification if additional computers are needed physical or could be virtual
• Rough planning the effort to build the solution (or alternatives) separated in user stories we could deliver inside our 2-week sprints.
• The implementation will be done by an existing BizDevOps Team. The expert work will end with end of deign phase and concept approval. Later frequest QA checks during implementation might be optional.
Soft-Skills:
You are a proficient communicator towards senior management up as well as to technical operators. You are able to analyze complex situations with many stakeholders and interest groups and break-down and structure work to prepare a detailed concept and solution design. You are able explain ideas and solution outlines as well as big pictures to various groups. Your excellent solution-oriented delivery skills (always keep MVP in mind) and your impressive trustworthiness distinguish you from others. You are able to perform in stressful situations and make use of your deep experiences and insights gained from other comparable situations to not repeat mistakes and find feasible and solid solutions.
Fach-Skills:
We're expecting: Min. 10 years experience in identity & access management, first hands experience from several red forest concept/design & implementation projects