Dir IAM Active Directory (FT Remote)
Date ActiveSep 7, 2023 2:33:15 PM
Hours Per Week40
LocationRemote - Nationwide
Job Description/ Requirements
If you’re looking for a meaningful career, you’ll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster’s values, these set us apart as a bank and as an employer.
Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!
Subject Expert responsible for designing and deploying Active Directory in a large enterprise that brings IAM operational leadership, stability and coordination for identity security services including but not limited to Active Directory/LDAP, CyberArk, Venafi, Okta, Cisco ISE, and ADFS. Drives development of strategy, vision, and roadmap for attaining effective and efficient authentication controls. Understand the complexities of Websters man systems and works to identify potential risks unique to each situation. Analyzes and resolves complex authentication, integration, and automation issues and help establish Active Directory security architecture and strategies. Mentor to any/all IT team members and an ultimate escalation point for complex issues.
Duties and Responsibilities
- Drive development of strategy, vision, and roadmap for attaining effective and efficient authentication controls
- Interface with Corporate Information Security to ensure all policy and standards are adhered to.
- Deliver operational stability in close collaboration with the Infrastructure Engineering, Network Services, Service Management, Information Security, and IT Operations teams.
- Oversee the developments and management of service based KPI and KRI as well as service level reporting for all above mentioned Infrastructure security services
- Supply metrics that demonstrate the current risk state, indicators of progress, and directory services business alignment
- Analyze and resolve complex authentication, integration, and automation issues
- Help establish Active Directory security architecture and strategies
- Work closely with technology and business stakeholders across Enterprise and associated organizations
- Proactively identify and assist in the resolution of challenges and issues that may impair the team's ability to meet strategic, business, and technical goals
- Securely manage authentication and authorization solutions for on premise and cloud solutions
- Participate in security projects from initial conception through design, testing, and implementation - Integration of role-based access control, Active Directory, LDAP, Single Sign-On, End-User provisioning, identity and access governance, and identity data synchronization services with existing applications and systems.
- Assist in the evaluation of vendor solutions to ensure they meet technology and cloud standards, as well as all applicable architecture considerations
- Define and lead in the design of programs that support and align with cloud-based online service strategies and engineering requirements for evolving security services, mechanisms, and safeguards
- Engage with development teams during operational security reviews, and provide leadership and security design guidance
- Monitor technology and security developments and ensure the company's security framework follows industry best practices
- Play a key and influential role working with others, in groups, in cross-functional settings, and with diverse stakeholders internally and externally
- Responsible for identifying opportunities for the automation of tasks, processes, or entire solutions and acting on them, as well as identifying any opportunities for improvement in the environment.
- Participate in or lead troubleshooting and incident resolution of complex high severity incidents
- Develop automated solutions using scripts and cloud-based serverless computing platforms
- Develop detailed architecture, standards, design, and implementation documentation
- Analyze current Directory Services environment to identify both technical and operational opportunities and assist in the development of continuous improvement action plans
- Collaborate closely with IAM management, architects, and service providers to implement IAM Program modernization efforts & contribute to IAM component designs, IAM service development, service integration, implementation and operations of business-wide IAM services: Provide thought leadership on IAM implementation
- Manage identity information across a number of directories utilizing various tools and scripting
- Maintain/Secure/Upgrade AD Domain Controllers across multiple Windows forests
- Monitor & Troubleshoot AD performance & replication issues
- Assist application teams with LDAP & LDAPS connections
- Managing Active Directory Services supporting AWS migration. - Supporting Active Directory Lightweight Directory Services, ADFS, SSO, etc.
- SME Group Policy Management (planning, implementing, and troubleshooting).
- Candidates with advanced degrees (Associates, Bachelor’s, and/or Master’s) preferred.
- 15 years plus (15+) experience in Infrastructure Technology.
- Expert-level knowledge of Microsoft Windows Server/Workstation Operating (e.g. Windows 2008-2019)
- Expert level knowledge and practical experience with complex enterprise level Active Directory environments and other enterprise LDAP platforms in creating, modifying, and deleting group policy, troubleshoot group policy issues, determine the effect of all group policies on an account or account group, audit changes to group policy, and maintain a Group Policy Map as well as Microsoft Active Directory Federation Services
- Expert practical experience using Microsoft Active Directory Services, PowerShell, and/or other scripting tools
- Experience with providing quality/production methods to ensure existing group policies are already in-place to implement user request or change
- Provide active follow-up with users and engineers to ensure actual change worked and did not cause of corrupt use profiles and permissions
- Able to identify impacts of AD, GPO, OU changes, Application integration needs, Security impacts
- Ability to document order of applied change and criticality of sequenced process steps;
- Experience managing Domain replication
- Deep understanding of DNS, DHCP, Kerberos, ADLDS, Schema management, AD Extensions, etc.
- Understand standard identity management tools, technologies, and processes and their place in the Enterprise.
- Demonstrated mastery of VMWare and related technologies.
The estimated salary range for this position is $105,000 to $135,000. Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation.