MORE ABOUT THIS JOB
The Directory Services Engineering team within the User Platform Engineering organization is looking for an experienced engineer in the Active Directory and Azure Active Directory space.
This position will be working with a global team responsible for the architecture, design and development of systems supporting the Active Directory and Microsoft Azure environments for Goldman Sachs.
The Active Directory infrastructure supports wide and varied services that require high availability and performance in a secure environment.
As a member of the Directory Services Engineering team, this position will help design, engineer and deploy solutions to help ensure the security and resiliency of the Active Directory platforms within Goldman Sachs.
Microsoft Azure-based services are becoming critical to the operation of medium and large enterprise environments. The ideal candidate will have experience configuring Azure Active Directory, Azure Active Directory Connect and be familiar with the authentication, authorization and Conditional Access options and capabilities of the Azure platform.
Responsibilities will also include coordinating with various technology infrastructure teams for infrastructure projects, managing systems lifecycle and evaluating existing solutions for optimizations or enhancements.
The position will also be engaged in vendor management, industry analysis, product benchmarking and contributing to the technical understanding and promotion of new and existing standards, solutions and tools.
The ideal candidate will have will have a minimum of five years in management of an Active Directory Infrastructure, as well as projects in the Single Sign On and Federated Identity space in medium to large enterprise environments.
RESPONSIBILITIES AND QUALIFICATIONS
HOW YOU WILL FULFILL YOUR POTENTIAL
Work with a global team of highly motivated platform engineers and software developers delivering solutions specializing in a range of technologies with a remit to define and build integrated architectures for secure, scalable infrastructure services serving a diverse set of internal and external use cases
Collaborate with Active Directory engineers across Goldman Sachs and Microsoft to optimize and enhance the security and runtime operations of different Active Directory instances within Goldman Sachs
Engage with Active Directory consumers to collaborate on efficient and secure integration approaches for their application requirements
Contribute to the adoption of the Microsoft Azure platform by researching, advising and implementing capabilities across the breadth of Azure and Office 365 services
Automate tasks in the Active Directory and Azure functional areas to increase efficiency of the team and detect abnormal behavior of the systems
SKILLS AND EXPERIENCE WE ARE LOOKING FOR
Deep technical knowledge of complex Active Directory environments in medium to large enterprises that include multiple forests and trust relationships across the forests in firewalled networks
Experience architecting and implementing business continuity plans, recovery strategies and hardening strategies for Active Directory Domain Services environments
Implementing controls to ensure appropriate security, performance, scalability and monitoring guidelines are achieved for the Active Directory instances.
Experience integrating solutions with an Active Directory Domain Services environment, including scenarios such as Exchange, Azure, Office 365 Hosted solutions, Active Directory Certificate Services, Active Directory Federation Services and smartcard authentication scenarios
Protocol-level expertise with LDAP and Kerberos
Working knowledge of Identity Management, Single Sign On and Federated Identity principles
Proficiency in designing, developing and testing software in PowerShell; willingness to learn and adopt new languages
Fundamental understanding of secure application and environment design and management concepts
Strong understanding of systems development lifecycle best practices
Must be able to sustain a high rate of workflow and work on multiple projects
Must have exposure to the project management role in an enterprise environment
The person will need good verbal and written communication skills. He / she needs to show past experience in utilizing various influencing skills and be able to collaborate, communicate and deliver in a global environment
Ability to present to management, internal client audiences or professional peers, and ability to work independently on problem solving and investigation
Proficiency in designing, developing and testing software in C#
Experience implementing and managing Active Directory Lightweight Directory Services (ADLDS) instances.
Proficiency in designing, developing and testing software in C# and Java; willingness to learn and adopt new languages
Good development knowledge or product expertise with Identity Management products (e.g., Microsoft Identity Manager)
Development knowledge or product expertise with Single Sign On / Access Management products (e.g., SiteMinder, OpenAM, Shibboleth) or Federated Identity products (e.g., ADFS, PingFederate)
Ability to create reports on trends, perform gap analysis, perform risk analysis and provide recommendations to address deficiencies in the environment
Expertise in operating and implementing commercial and / or open source monitoring software