Req ID: 294536
NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.
We are currently seeking a Engineering Specialist Advisor(Azure AD/Identity) to join our team in Mexico, México (MX-MEX), Mexico (MX).
Remote Systems Engineering Specialist Advisor - Active Directory/Azure AD
Role Overview
The NTT DATA Services Security organization is looking for talented security-oriented Systems Engineering Specialist Advisor with strong Active Directory/Azure AD/Identity skills. This role will be part of a larger dedicated security team dedicated to supporting, troubleshooting, upgrading Active Directory, Azure AD and related Identity technologies.
Role Responsibilities:
- Active Directory designing, Architecture Solutions, Integration with platforms & Applications
- Develop an architecture of directory solutions for Windows, Unix, and related platforms
- Experience in consolidations of multiple forest and domains and demonstrated understanding on User accounts, machine accounts, GPOs
- Understand the requirement and create a migration plan for any services i.e. DNS, DHCP, and Certificate Services (PKI) etc.
- Analyzing the requirement and design a solution to fulfil the requirement with zero impact to other platforms
- Develop a power shell scripting with AD modules or VB .Net based on the requirements
- Manage Azure active directory design, Architect Solutions, Integration with platforms & Applications and AD connector to Azure
- Auditing the security logs and integrating with SIEM
- Conducting POC with multiple vendors for AD solutions and prepare detailed test cases. Create a clear recommendation document with pros and cons for senior management
- Vulnerability Assessment and Management related to Active Directory, DNS & Windows platforms
- Active Directory consolidations including application integration working with application teams
- Recommend security best practices to achieve stated business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results
Required Qualifications:
- Minimum 13 years relevant experience in Architecture and designing, solutions & Migrating Active Directory, Azure AD, Windows & End points
- Strong Demonstrated experience with Active Directory migration tool or equivalent and consolidation of Global Forest and Domains. Hands on experience in successful consolidation of AD Forests and Domains
- Good Knowledge on Quest Active Directory recover tools or similar DR tools.
- Must have hands-on experience working on Azure AD (Azure Active Directory)
- Extensive Experience working as Azure Admin for enterprise Active Directory setup and maintenance
- Strong experience in AD Trusts, two-way Trusts and one-way Trusts and deep knowledge of Active Directory Schemas and meta data
- Strong Knowledge on Azure AD Identity Management & Integration with on premise
- Strong knowledge of Azure Active Directory technologies, including authentication models, federation, Multifactor Authentication (MFA), conditional access policies and other relevant capabilities.
- Knowledge of best practices in AD/Azure Privileged access management and modern AD/Azure Secured Administration practices
- Strong Power Shell scripting
- Strong Knowledge on IAM disciplines like PIM and Privilege Administrative Accounts PAM solutions such as Cyber Ark
- Good knowledge on ADFS and Azure AD sync connectors
- Strong familiarity with DNS Active Directory integrated, partitions and Infoblox & DHCP systems and Migration of services from Active Directory any platform
- Demonstrated knowledge and experience in AD assessment in terms of OU delegation, GPOs, permission etc.,
- Expertise in Active Directory versions 2003, 2008R2, 2012R2 & 2016, 2019 and Azure Active Directory
- Good knowledge and hands on experience in setting up lab based on the solution requirements
- Demonstrated working knowledge and hands on experience in AD disaster recovery, Replication issues and resolution using tools such as repadmin
- Demonstrated experience in writing and applying GPOs, especially related to domain consolidations
- Good Knowledge on Active Directory & windows audit logs and levels and SIEM integration
- Good knowledge on Networking, firewalls, including host firewalls, DNS, DHCP, DFS & Network load balancers and Secure Global Directory or Secure LDAP
- Good knowledge on Cryptography, certificates, PKI, symmetric, asymmetric keys, Encryption & hash algorithms
- Good knowledge on AD authentication protocols Kerberos, NTLM, LDAP, LDAPS & LDAP-Start TLS
- Good knowledge on Network log capturing & analyzing the network packet captures through the tools Wireshark, Tshark, Microsoft NM etc.,
- Good knowledge on application integration with LDAP & Kerberos i.e. Keytab, krb5 etc.,
- Good knowledge on AD migration tools like ADMT, Quest etc., knowledge on AD trusts, forest, domain tree structures, sites, DNS, GPOs, OU, FRS, DFSR.
- Good knowledge on any Identity & Access Management tools like FIM, MIM, OIM, Quest etc.,
- Exposure to SAML, OAuth, Open ID and other security/IAM related standards
- Strong hands-on familiarity with host-based security solutions, Forensic & Investigation agents, and Compliance scanning and reporting, Hardening Active Directory
- Knowledge of single sign-on, federation, active directory/LDAP, Kerberos/NTLM authentication & integrated Windows authentication
- Good knowledge on Identity management and Role based access control, attribute-based access control & entitlement management
- Good knowledge on power shell scripting with AD modules or VB .Net and ability to write scripts based on the requirement
- Excellent communication skills, especially verbal and written
- Good documentation skills to write a design & configuration documents version controls
- Excellent Interpersonal skill and ability to work as part of a team
- Home office for remote work
- Ability to work some weekends and late nights performing approved changes
- ITIL V3 or later experience, experience in writing change request and attending Change Advisory Boards (CAB) meeting
- Experience with Security Controls and compliance.
About NTT DATA
NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com
NTT DATA is an equal opportunity employer and considers all applicants without regarding to race, color, religion, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic protected by law. We are committed to creating a diverse and inclusive environment for all employees. If you need assistance or an accommodation due to a disability, please inform your recruiter so that we may connect you with the appropriate team.