The Senior Active Services Directory Engineer will join BHGE Identity and Access Management team, that is part of Cybersecurity Risk and Compliance organization.
The Senior Active Directory Engineer provides support, implementation, and design services for BHGE Active Directory and AD-based systems across the enterprise, including directory and identity management solutions. He/She will assist in the delivery of BHGE's Directory Services technology solutions. Applies new solutions through collaboration with the team and determines course of action for new integrations and business initiatives. Implements directory services solutions as required by the business. The core infrastructure technology duties include enterprise Microsoft Active Directory and Windows file services architecture creation and management, global system security and policy configuration, and top-level support for enterprise-wide initiatives.
The ideal candidate will have an in-depth knowledge of Active Directory, Federation, Windows Servers (2008, 2012, and 2016), Windows security, AD Proxy, Virtual Directory solutions and related technology.Essential Responsibilities:
In the role of Senior Active Directory Services Engineer, you will:
- Have hands on experience with the Microsoft identity stack including Enterprise Active Directory, as well as experience working with IAM in the Cloud, so Azure AD, AD Connect, and AWS IAM are essential.
- Define and document functional and technical requirements for integrating new or existing IAM platforms including provisioning, de-provisioning and integration of applications for authentication
- Install, configure, and maintain Active Directory and third party software utilities for hardware systems within company operational guidelines.
- Create and maintain system documentation for domain technologies, including installation, configuration, and appropriate troubleshooting steps.
- Improve existing processes through solutions to recurring problems and enhancements to existing solutions or documentation.
- Minimum 7 years overall IT experience with 3-5 years of experience working with Microsoft Identity technologies including Active Directory, Windows File Services, and Group Policies.
- Must be willing to travel less than 25% of the time
- Must be willing to work out of an office located in Houston, TX
- Experience working with Microsoft Identity technologies including Active Directory, Windows File Services, and Group Policies.
- Expert knowledge in administering Active Directory (AD) and GPO's.
- Expert knowledge of AD, ADFS, PKI in Windows Server, Windows Server 2008, 2012, and 2016.
- Expert Knowledge of MS AD Azure, and AWS AD.
- Expert knowledge of DNS, DHCP, WINS, DFS, in a Windows 2008, 2012, and 2016 landscape.
- Knowledge of Microsoft Forefront Identity Management, Microsoft Exchange, Quest Active Roles Server (ARS) are preferable.
- Extensive experience with infrastructure and server theories, principles and concepts; application infrastructure and standards; networking fundamentals; Windows; Physical Server architecture; Virtualization Technologies (e.g. VMware, Hyper-V) and LAN/WAN/Firewall/VPN network technologies.
- Develops, documents, and enforces the standards, security procedures, and controls for access to ensure integrity of the Windows Systems, Active Directory, and related systems.
- Knowledge of server virtualization technologies, preferably VMware and/or Microsoft technologies
- Experience with Multi-Factor technologies
- Agile, ITIL and Rally experience