IAM Engineer with Active Directory Windows Infrastructure Engineer

No H1B/NO OPT/CPT

LinkedIn & References needed

Job Title: IAM Engineer with Active Directory / Windows Infrastructure Engineer

Location: Spring Texas (On-Site) - Preference to Houston/Spring/Woodland consultant

Duration: 12Month

Interview: Video
Rate : $55/hr to $60/hr on C2C max ( No flex)

Client ExxonMobil

Responsibilities:

We are seeking a highly skilled engineer to manage and support enterprise identity and security infrastructure. This role involves administration troubleshooting and automation across Active Directory certificate services federation services and related technologies. The ideal candidate will have strong expertise in authentication protocols scripting and cloud integration.

Please note that this position includes the enterprise administrator role which is Tier 0 security access. Due to the cybersecurity risks associated with this level of access we are requesting additional items to be included in the background check review. Please see the attached enhanced background check request for details on these requested items.

Key Responsibilities

Administer and maintain Active Directory (AD) including domain controllers replication and security hardening.

Manage Active Directory Certificate Services (ADCS) and Public Key Infrastructure (PKI).

Support Active Directory Federation Services (ADFS) and integration with identity providers.

Implement and maintain Azure Information Protection (AIP) for data security.

Utilize Quest tools (Change Auditor RMAD GPOAdmin) for auditing recovery and policy management.

Configure and manage Hardware Security Modules (HSM) for cryptographic operations.

Deploy and manage infrastructure in AWS using Terraform for automation and Infrastructure-as-Code.

Ensure secure authentication using Kerberos including SPNs and Keytabs.

Design and enforce Group Policies for security and compliance.

Develop automation scripts using PowerShell for operational efficiency.

Collaborate with security teams to ensure compliance with organizational standards.

Provide on-call support for critical identity and security services as part of a rotation schedule.

As a member of an agile team participate in Agile ceremonies and collaborate with application developers business customers project managers and other infrastructure teams.

Required Skills & Qualifications

Strong experience with Active Directory ADCS ADFS and PKI.

Proficiency in Kerberos authentication SPNs and Keytab management.

Hands-on experience with Group Policy Objects (GPO) and policy troubleshooting.

Advanced PowerShell scripting for automation and reporting.

Familiarity with Azure Information Protection (AIP) and identity security.

Experience with Quest tools: Change Auditor RMAD GPOAdmin.

Knowledge of HSM configuration and cryptographic key management.

Cloud experience with AWS and Infrastructure-as-Code using Terraform.

Strong understanding of enterprise security principles and best practices.

Soft Skills

Excellent problem-solving and analytical skills.

Strong communication and documentation abilities.

Ability to work independently and in a team environment.

Top 3 skill sets/technologies required for qualification:

1. Active Directory (AD) including domain controllers replication and security hardening.

2. Active Directory Certificate Services (ADCS) and Public Key Infrastructure (PKI).

3. Terraform and Infrastructure as Code