Technical lead for team of 4 Directory Services engineers
Design, build, and maintain Directory Services environments across various hosting platforms both on-prem and in cloud (Azure and AWS), ensuring system reliability, efficiency, and compliance with security standards
Design and manage multiple Active Directory forests and domains as well as Azure AD (Entra ID) across multiple tenants
Execute integrations of new domains arising from M&A activity
Implement and manage OIDC / SAML auth for systems and application access with SSO
Assist in migration of PKI from Windows CA to KeyFactor
Maintain and enhance the CyberArk password vault infrastructure
Develop and maintain documentation related to various Directory Services configurations, processes, and service records
Collaborate with IT security teams to establish and maintain security baselines, respond to security incidents, and ensure compliance with NIST cybersecurity standards
Develop and execute PowerShell scripts for automation of tasks, system management, and troubleshooting
Manage relevant licensing for Directory Services systems, ensuring compliance with legal and contractual obligations
Experience with infrastructure as code using Terraform and Azure DevOps
Requirements
Bachelor's degree in Computer Science, Information Technology, or related field
Minimum of 5 years of experience in Directory Services administration and engineering
Strong experience with Active Directory, Azure AD (Entra ID), ADFS, Group Policy, OIDC / SAML and PKI technologies
Proficiency in using Azure DevOps, Splunk, Okta, and PowerShell for system management
Knowledge of ITIL practices, experience in inventory management, familiarity with NIST cybersecurity standards, and experience in managing system licensing
Experience with continuous integration and deployment pipelines using Azure Pipelines and Terraform
Excellent problem-solving skills and the ability to work in a fast-paced environment
Strong communication and collaboration skills
Benefits
To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.Our hybrid work modelAbout BlackRockThis mission would not be possible without our smartest investmeHealth insuranceFlexible schedulePerformance bonus
Additional Information
About this role
About this role
We are looking for a Directory Services engineering lead who will be responsible for designing and building Active Directory, Azure AD (Entra ID), Active Directory Federation Services, Conditional Access, Public Key Infrastructure and OIDC/SAML based authentication systems.
The ideal candidate will have a strong background in systems engineering, a proven track record of maintaining high availability and performance, familiarity with NIST cybersecurity standards, and experience in managing systems & licensing.
Blackrock · Atlanta, GA