Directory & Privileged Access Engineer

Our Client The Group Technology division is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. They operate the various technology platforms and shared services, ensure Cyber and Information Security resilience, and act as technology governance and risk orchestrator for technology across Company. What will you do? The IAM Engineer will provide subject matter expertise and execution of the Organization's Directory & Privileged Access and Identity Management landscape, including SSO and MFA. Functions will include delivering and operating solutions towards authentication and access management as a service for both cloud and on-premises solutions. What will make you successful in this role? Responsible for the implementation, configuration, administration, maintenance and operation of Directory and Privileged Access in accordance with the business's reliability and capacity requirements. Collaborate with stakeholders, including business leaders, project managers, developers and architects to understand requirements and constraints. Act as subject matter expert on Directory and Privileged Access -related matters such as user role-based access control (RBAC), privilege escalation, Privileged Access Management (PAM), LDAP etc. Active engagement with technology partners to deliver an integrated solution across platforms. Collaborate with Security Architecture as is applicable. Collaborate with IAM (Identity and Access Management) and Role Based Access platforms and services teams. Design and implement procedures and best practices in Directory and Privileged Access as applicable for cloud and on-premises solutions. Stay up to date with the latest industry trends, technology, emerging threats, and best practices in Directory Services, Privileged Access, Cloud Identity, RBAC and security. Ensure appropriate standards, patterns, best practices and operational maturity models are in place and monitored. Provide guidance to internal and external stakeholders. Research and implement new technologies in the Directory and Privileged Access technology space. Responsible for day-to-day operations and onboarding of accounts in the Directory and Privileged Access space. Receive and process requests for account provisioning, modification and deprovisioning. Participate in Directory and Logical Access Platforms and Services Product Development Lifecycle. Qualification Matric A relevant IT qualification Cloud certification or technologies preferable. AWS Certified Solutions Architect or Microsoft Azure Solutions Architect Expert preferable. Experience Minimum 4 years of experience in technology roles. Proven experience in designing and implementing Directory & Privileged Access solutions for large enterprises. Proven experience delivering and managing Active Directory, Azure AD/Microsoft Entra ID, Azure AD Domain Service/Microsoft Entra Domain Services, Azure AD Connect/Microsoft Entra Connect Sync, AWS Managed Microsoft AD and similar technologies. Real-world experience in IAM technologies or Directory & Privileged Access Working experience with Windows, scripting (e.g. PowerShell), and Linux Scripting. Experience working in a hybrid- and multi-cloud environment (AWS preferred) and cloud technologies (AWS & Azure technologies preferred). Hands on experience of deploying and supporting IAM Federation capabilities like SSO, SAML, OAuth, OpendID and SCIM. Experience in cloud security concepts. Experience working in an Agile environment. Proven experience delivering long-term, repeatable IaC solutions into an overall CI/CD process and Terraform. Scripting skills in at least one interpreted language (Bash/PowerShell/Python) Expertise with PAM solutions (BeyondTrust preferred; StrongDom, Hashicorp Boundary in addition would be ideal) Working in a DevOps environment (including proven CI/CD experience with technologies such as GitLab or GitHub, Nexus and others). Understanding of Security Architecture concepts including encryption, authentication, database security, Identity Providers, Enterprise single sign-on (SSO), Federated SSO, multi-factor authentication, API security. Understanding of Cloud technologies and best practices, Networking in Public and Hybrid Cloud environments, Network protocols, network architecture and security. Knowledge and Skills Operating system software and hardware and utility software Software installations and upgrades Business requirements Security management and data recovery For more information, please contact us. #J-18808-Ljbffr