Vacancy expired!
RESPONSIBILITIES:
Kforce has a client in NYC that is seeking an Active Directory Designer / Engineer.
Summary:
In this role, the Active Directory Designer / Engineer will reorganize our existing Active Directory groups, OUs, service accounts, and related objects to improve the privileged access control model for administrators and reduce risk or privilege escalation.
Responsibilities:
Active Directory Designer will design, implement, and document adjustments to our current Active Directory domain to: Use tiered administration; Prevent lower-tier admin IDs from tampering with higher tier admin IDs or service accounts; Report on permissions (preferably using a graph DB) to identify deviations from this plan
As a Active Directory Designer, you will review security scorecards from tools like PingCastle, Purple Knight, etc., and develop plans to remediate any gaps
REQUIREMENTS:
Bachelor's degree or higher in computer engineering, cybersecurity, information security, or a related field
Extremely strong understanding of Active Directory permissions and OS-level security policies
Working/functional knowledge of Kerberos authentication and Protected Users restrictions
Familiarity with: Kerberos armoring; Assessment tools like Bloodhound, PingCastle, etc.; Powershell
Strong analytical skills and experience in enterprise (multi-tier) IT admin structures
Familiarity with change management protocols
Excellent oral and written communication skills and the ability to clearly articulate to all member
Background and knowledge of risk assessment technologies and methods
Experience with developing and implementing security procedures and policies
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.