IAM Associate AD Engineer
Northwestern University
Evanston, IL
Job posting number: #7161851
Posted: August 14, 2023
Application Deadline: Open Until Filled
Job Description
Job Summary:The Active Directory Associate Engineer provides support for a complex environment(s). They provide knowledge, skillsets and subject matter expertise (SME) of Microsoft AD Architecture, infrastructure and identity integrations with various technologies and services.
In this role, you will apply your knowledge and skillsets to provide support, consultation, testing, documentation and implementation for Microsoft Active Directory, Cayosoft, Azure AD, Unity Sync and Windows based systems. That will include configuration/implementation of new functionality, versioning, modify existing set ups, and provide Tier 3 support for trouble shooting various issues or incidents. You will also provide an array of consultative information, guidance and/or assistance to various groups within NUIT as well as NU schools and units.
As an AD Associate Engineer you will need to have acquired experience 1-3 years hands on with Active Directory Server (ADS), Azure AD and other Microsoft and Identity products. You will assist with strategic planning and will work to ensure that IAM systems/solutions are both resilient and adaptive to an evolving Identity landscape. The IAM AD Engineer works on IAM projects within the MS team and provides guidance to other staff, as well as ensures compliance with all security associated NU. Works closely with stakeholders throughout Northwestern to implement IAM best practices and controls.
Please note: Hybrid work schedule requiring days on site.
This position will be required to participate in an on-call schedule that may result in occasional evening or weekend work.
The incumbent will be required to carry a Northwestern cell phone, or receive a subsidy for a personal device that can be used for business purposes (such as participating in the on-call schedule).
Specific Responsibilities:
Strategic Planning
· Contribute to Risk Assessment and IAM Evaluations
o Contribute to yearly and roadmap planning of the IAM portfolio.
o Participate in support processes and systems around vulnerability assessments, security risks and help with IAM changes to move to best practices.
Administration
· Act as IAM point-of-contact for MS team products and back up as necessary.
· Serve as Tier 3 support and an escalation point for domain technology issues that cannot be solved by Tier 1 and Tier 2 support. Perform/Own root cause analysis, problem management, documentation and communication for Identity Environment(s).
· Perform daily system monitoring, verifying the integrity and availability of all hardware, server resources, system and key processes, reviewing system logs and verifying completion of scheduled tasks/jobs.
· Create and maintain system documentation for domain technologies, including installation, configuration, and appropriate trouble shooting steps.
· Monitor systems and services for conformity to existing policies, standards, and guidelines
Engineer
· Ability to make AD configuration changes, schema extensions/modifications, set up or modify GPO’s, OU’s, trusts, etc.
· Implement solutions for Active Directory infrastructure for efficiency and continuous improvement opportunities as directed by lead.
· Ability to learn to create powershell scripts, read code, utilize Git for versioning and use an orchestration tool like (Cloudbees, Rundeck or other) for automation.
· Participate in projects in the design, development, testing, and implementation of technical solutions which advance strategic initiatives in IAM.
· Implement recommendations for assigned projects, in consultation with project team(s) and/or other NUIT staff
· Draft and review documentation such as analyses of technical, administrative, or procedural issues; procedural documentation/playbooks; and team documentation
Performance
· Collaborate with other Identity staff or NUIT staff as needed for incident remediation or incident investigations
· Provides troubleshooting and investigation assistance to MS Team regarding potential or actual Identity incidents.
· Develop IAM MS team expertise through university-provided and external training/seminars/courses; staying abreast of industry trends, methods, and published literature; and participating in professional development programs/initiatives and approved by information security management.
Miscellaneous
· Performs other duties as assigned.
Minimum Qualifications:
· Successful completion of a full 4-year course of study in an accredited college or university leading to a bachelor's or higher degree in a major such as computer science, information technology, or related; OR appropriate combination of education and experience.
· Knowledge of MS Active Directory services. (Windows Server on premise or Azure AD).
· Ability to learn installing, configuring, upgrading, AD configuration changes, schema extensions/modifications, set up GPO’s, OU’s, trusts, etc.
· Ability to learn scripting in Powershelll and the ability to read code, utilize Git and automate activities.
· Ability to learn AD reports and usage of splunk.
· Ability to learn problem resolution/ Tier 3 troubleshooting, on call and incident response.
· Ability to learn to monitor and performance tune Windows operating systems including – connectivity, synchronization, replication, netlogon, time services, schema, database partitions, DNS settings, SRV records, certificate authorities and trust relationships.
· Ability to learn and support IAM on premise systems, SAAS and Cloud based solutions.
Minimum Competencies: (Skills, knowledge, and abilities.)
· Successful completion of a full 4 year course of study in an accredited college or university leading to a bachelor’s or higher degree in a major such as computer science, information technology, or related; OR appropriate combination of education and experience
· Strong oral and written communications skills.
· Excellent interpersonal skills to interact with customers, team members, and senior leaders (verbal and written)
Preferred Qualifications:
· Bachelor’s degree in a computer science or related field
· Experience in a higher education environment
· Knowledge of system administration – basic AD server platform knowledge.
· Knowledge and Experience with : IT Operations and help desk tickets and troubleshoot issues.
· Desire to learn industry skillsets and certifications.
· Analytical skills with ability to relate to technical and non-technical personnel.