Staff Active Directory/Entra/PAM Engineer
Staff Active Directory/Entra/PAM Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Job Description Summary
As an Active Directory/Entra/PAM Engineer you will be responsible for Active Directory DS inclusive of Azure AD services. Plus designing implementing and maintaining our Privileged Access Management (PAM) system. These services are comprehensive inclusive of architecture design implementation and ongoing operations in a devops model with a focus on automation integration service resiliency and business partnership. The Active Directory/M365 Engineer will be responsible for the support performance lifecycle management and continuous improvement of directory services/M365 across the GE Aerospace landscape.Ideal candidate will have expertise in PAM Active Directory management migrations Windows server EntraSync and Strong PowerShell scripting.
Job Description
Essential Responsibilities:
- Handson engineering responsibilities (Domain Controller build (server 2025) installation configuration upgrades schema extensions/modifications and performance tuning and optimization).
- Extensive knowledge of creating and maintaining group policy objects.
- Experience in systems engineering operating systems scripting (ADCLI PowerShell Azure CLI) and architecture. Design guide administer tune help improve the use of Microsofts Security services and offerings Microsoft Azure AD features and services such as Azure AD B2B & B2C. Conditional Access policies Security Center Azure Sentinel.
- Experience with Microsoft or 3rd party management and monitoring solutions (SCCM SCOM).
- Extensive experience in Azure AD and supporting AADConnect.
- Knowledge and experience with the Microsoft Directory Stack and Azure and supporting components.
- Monitor and maintain the production environment to meet the SLAs.
- Proactively and continuously evaluate and address issues related to performance stability scalability and extensibility of the systems.
- Leads or provides technical direction for the planning designing and execution of testing efforts.
- Provides technical consulting on the integration of application systems.
- Adhere to corporate standards/problem and change management policies.
- Produce root cause analysis documents and report on progress.
- Selfstarter with strong organizational skills strong sense of teamwork and attention to detail
- Excellent verbal and written communication skills able to speak directly and professionally even when challenged.
- Recognizes patterns and complexity in problems. Acts as team player.
- Configuration administration and maintenance of CyberArk solution including both the infrastructure and the application itself
- Hands on experience installing upgrading configuring operating and troubleshooting experience with CyberArk AAM (CCP CP ASCP) EPV PVWA CPM PSM HTML5 Gateway PSMP PTA (with various versions)
- Troubleshoot and resolve issues related to PAM systems ensuring continuous availability and performance.
- Addresses ticket queue and follow appropriate change management procedures
- Scripting knowledge PowerShell Python JavaScript REST API
- Work closely with crossfunctional teams including IT security and compliance teams to integrate PAM solutions into existing systems and applications. Ensure that PAM aligns with security and compliance requirements.
- Conduct regular security audits of privileged user activities and access reviews. Ensure compliance with security policies and regulatory requirements.
- Collaborate on the design and implementation of new PAM solutions ensuring they align with security policies and regulatory requirements
- Proficiency in written and verbal communication to clearly convey technical information collaborate with crossfunctional teams and document processes and solutions effectively.
- Strong organizational and documentation skills with a meticulous approach to maintaining clear and comprehensive records of system configurations access policies and security incidents.
- Experience inWindows/UNIX administrationin large heterogeneous environment
Minimum Qualifications:
- Bachelors Degree in Computer Science or STEM Majors (Science Technology Engineering and Math)
- A minimum 5 years of IT experience in IT operations DevOps or development
- 3 years of experience with Active Directory/Entra and PAM
Eligibility Requirements:
- Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas now or in the future for this job.
Desired Characteristics:
- Understanding of various directory structures and configurations (LDAP Active Directory etc.).
- Working knowledge of APIs or other forms of application integrations.
- Experience with or general understanding of SSO (SAML/Oauth2.0).
- Understanding of PCI SOX HIPAA EUGDPR regulations for IAM.
- Advanced knowledge and experience with the Microsoft Directory Stack and Azure and supporting components.
- Knowledge in Group Policy Management
- Experience with AD Trusts
- Strong knowledge of PowerShell/MS Graph
- Knowledge about Kerberos Authentication SMB NTLM
- Strong troubleshooting and root cause analysis experience
- Thorough knowledge of Software Development Life Cycle principles.
- Good understanding of Platform Integration strategies by developing applications and framework.
- A key contributor to the Identity standards and actively participates in the annual review and update of Identity controls.
- Experience creating custom platforms for applications to manage credentials in CyberArk vault
- Strong proficiency in network security including experience with firewalls intrusion detection systems and network segmentation
- Experience in Windows/UNIX administration in large heterogeneous environment
- Experience with supporting IAM in a Cloud environment including Azure or AWS
- CyberArk certification Defender/Sentry/CDE can be considered as added advantage.
- Quickly learn internalize and develop a strong understanding of key priorities.
- Strong understanding of identity and access management (IAM) principles and practices particularly in relation to privileged access management (PAM).
- Experience with Ping SailPoint Saviynt Active Directory Microsoft Entra ID (Azure AD) AWS and ServiceNow products
- Experience in vendor management
- Strong commitment to customer service and customer satisfaction
- Strong analytical and troubleshooting skills.
- Ability to work in a fast paced highly dynamic and collaborative environment.
- Maps current requirements to industry trends analyses competition trend
- Demonstrates mastery of the intricacies of interactions and dynamics in Agile teams.
- Demonstrates advanced understanding of Lean Six Sigma principles and guides adoption.
- A key contributor to the Identity standards and actively participates in the annual review and
- Mature the support documentation library including standard operating procedures workflows and run books and instill a peer review process to sustain a comprehensive library.
Note:
To comply with US immigration and other legal requirements it is necessary to specify the minimum number of years experience required for any role based within the USA. For roles outside of the USA to ensure compliance with applicable legislation the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used.
This Job Description is intended to provide a high level guide to the role. However it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.
Additional Information
GE Aerospace offers a great work environment professional development challenging careers and competitive compensation. GE Aerospace is anEqual Opportunity Employer. Employment decisions are made without regard to race color religion national or ethnic origin sex sexual orientation gender identity or expression age disability protected veteran status or other characteristics protected by law.
GE Aerospace will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No
Required Experience:
Director
Employment Type
Full-Time
