Identity Engineer (IT Security)
6 Months. Likely Extension.
£500 per day. Outside IR35
Remote - UK based. Office in Glasgow and Edinburgh.
An experienced AD Identity Engineer is required support the IT Security function with delivery of several key Identity and access management related initiatives, as part of a wider roadmap of security improvements. This includes RBAC, PAM, HSM deployment, and other objectives as detailed below
- Deployment and continued maintenance of a rationalised Role Based Access Control pattern across the Active Directory estate.
- Deployment and maintenance of a "Safenet" Hardware Security Module, including onboarding of relevant technologies and supporting platform teams with their use of the product.
- Support the development of a Privileged Access Management solution, with emphasis on automated password rotation and policy enforcement for privileged accounts.
- Document all configurations to ensure product longevity, product support stability, as well as developing playbooks and processes to support this.
- Delivery of a Security Orchestration, Automation and Response (Cortex XSOAR) playbooks, specifically those relating to identity management and assurance.
- Review and resolve technical identity related service requests / tickets as required.
- Assist with rationalisation of the DNS environment
- Support improvements to certificate lifecycle management
- Assist with response to identified Cyber Security related incidents as part of the wider IT Security function
- Creation and maintenance of powershell automation for Active Directory / Azure Active Directory tasks
- Managing identity and access management services with complex solutions and toolsets, with particular focus in the following areas: o Active Directory / Azure Active Directory o Single sign on, including SAML/OpenID Connect/OAuth/LDAPS Configuration, Conditional Access Policies o Implementation and ongoing management of Multi-factor authentication processes and toolsets, preferably Microsoft Authenticator o Use of OneIdentity ActiveRoles in a hybrid AD environment
- Experience of working within an Agile project managed delivery
- Knowledge of PKI, Certificate authorities, Safenet HSMs and key management, and certificate management.
- Relevant industry certifications (or equivalent experience), related to the following technical domains: o Microsoft Azure o Windows Server o VMWare and virtualisation technologies
- Experience of IT Service Management practices (ITIL)
- Experience of Project Management and delivery practices
- Experience of working in a Government department