Systems Engineer - Active Directory
Goldman Sachs
Shanghai, China
source : EFinancialCareers Ltd.


The Directory Services Engineering team within the User Platform Engineering organization is looking for an experienced engineer in the Active Directory and Azure Active Directory space.

This position will be working with a global team responsible for the architecture, design and development of systems supporting the Active Directory and Microsoft Azure environments for Goldman Sachs.

The Active Directory infrastructure supports wide and varied services that require high availability and performance in a secure environment.

As a member of the Directory Services Engineering team, this position will help design, engineer and deploy solutions to help ensure the security and resiliency of the Active Directory platforms within Goldman Sachs.

Microsoft Azure-based services are becoming critical to the operation of medium and large enterprise environments. The ideal candidate will have experience configuring Azure Active Directory, Azure Active Directory Connect and be familiar with the authentication, authorization and Conditional Access options and capabilities of the Azure platform.

Responsibilities will also include coordinating with various technology infrastructure teams for infrastructure projects, managing systems lifecycle and evaluating existing solutions for optimizations or enhancements.

The position will also be engaged in vendor management, industry analysis, product benchmarking and contributing to the technical understanding and promotion of new and existing standards, solutions and tools.

The ideal candidate will have will have a minimum of five years in management of an Active Directory Infrastructure, as well as projects in the Single Sign On and Federated Identity space in medium to large enterprise environments.



  • Work with a global team of highly motivated platform engineers and software developers delivering solutions specializing in a range of technologies with a remit to define and build integrated architectures for secure, scalable infrastructure services serving a diverse set of internal and external use cases
  • Collaborate with Active Directory engineers across Goldman Sachs and Microsoft to optimize and enhance the security and runtime operations of different Active Directory instances within Goldman Sachs
  • Engage with Active Directory consumers to collaborate on efficient and secure integration approaches for their application requirements
  • Contribute to the adoption of the Microsoft Azure platform by researching, advising and implementing capabilities across the breadth of Azure and Office 365 services
  • Automate tasks in the Active Directory and Azure functional areas to increase efficiency of the team and detect abnormal behavior of the systems

  • Deep technical knowledge of complex Active Directory environments in medium to large enterprises that include multiple forests and trust relationships across the forests in firewalled networks
  • Experience architecting and implementing business continuity plans, recovery strategies and hardening strategies for Active Directory Domain Services environments
  • Implementing controls to ensure appropriate security, performance, scalability and monitoring guidelines are achieved for the Active Directory instances.
  • Experience integrating solutions with an Active Directory Domain Services environment, including scenarios such as Exchange, Azure, Office 365 Hosted solutions, Active Directory Certificate Services, Active Directory Federation Services and smartcard authentication scenarios
  • Protocol-level expertise with LDAP and Kerberos
  • Working knowledge of Identity Management, Single Sign On and Federated Identity principles
  • Proficiency in designing, developing and testing software in PowerShell; willingness to learn and adopt new languages
  • Fundamental understanding of secure application and environment design and management concepts
  • Strong understanding of systems development lifecycle best practices
  • Must be able to sustain a high rate of workflow and work on multiple projects
  • Must have exposure to the project management role in an enterprise environment
  • The person will need good verbal and written communication skills. He / she needs to show past experience in utilizing various influencing skills and be able to collaborate, communicate and deliver in a global environment
  • Ability to present to management, internal client audiences or professional peers, and ability to work independently on problem solving and investigation
  • Preferred Qualifications

  • Proficiency in designing, developing and testing software in C#
  • Experience implementing and managing Active Directory Lightweight Directory Services (ADLDS) instances.
  • Proficiency in designing, developing and testing software in C# and Java; willingness to learn and adopt new languages
  • Good development knowledge or product expertise with Identity Management products (e.g., Microsoft Identity Manager)
  • Development knowledge or product expertise with Single Sign On / Access Management products (e.g., SiteMinder, OpenAM, Shibboleth) or Federated Identity products (e.g., ADFS, PingFederate)
  • Ability to create reports on trends, perform gap analysis, perform risk analysis and provide recommendations to address deficiencies in the environment
  • Expertise in operating and implementing commercial and / or open source monitoring software
  • 報告此工作

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    通过点击 "继续", 我 同意neuvoo处理我的信息数据, 并给我发送电子邮件提醒 详见neuvoo 隐私政策 。我可以在任何时候取消订阅。