Active Directory Data Security Engineer

Allstate Charlotte , NC 28201

Posted 6 months ago

Where good people build rewarding careers.

Think that working in the insurance field can't be exciting, rewarding and challenging? Think again. You'll help us reinvent protection and retirement to improve customers' lives. We'll help you make an impact with our training and mentoring offerings. Here, you'll have the opportunity to expand and apply your skills in ways you never thought possible. And you'll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.

Job Description

As an Active Directory Data Security Engineer, you will assess risk and design and build security solutions needed to that will protect Allstate against ongoing and potential security threats. This critical role requires the ability to synthesize radical ideas, the aptitude to define new security strategies and the tenacity to get the job done Globally.

Key Responsibilities

  • Drive Active Directory Data Security engineering for our enterprise

  • Research and evaluate emerging trends, threats and assess the overall security risks to the system

  • Identify and recommend appropriate measures to manage and mitigate risks and reduce potential impacts

  • Engineer and implement solutions to reduce risk

  • Work directly with IT and business partners to establish and enforce best practices, protection objectives, process improvements and effective security controls

  • Partner with governance, compliance, and risk management teams to ensure the system consistently meets the requirements for certification and accreditation

  • Develop and improve KPIs and metrics

  • Develop and refine procedures and techniques used by the team

Job Qualifications

  • 3+ years of experience managing Active Directory as a "Data Administrator" and has intimate knowledge of Active Directory Security. (Users and Groups, understand ACLs/DACL, SIDs, and SDDL and AD authentication)

  • Ability to craft and execute complex AD queries using LDAP, understand AD Objects, classes, attributes and strong working knowledge on how common attributes work in the AD security space

  • Experience integrating applications with Active Directory (AuthN, AuthZ)

  • Experience managing the AD and understanding the complexities and challenges common to AD administration (Recycle bin, Nested Groups, Circular Groups, SIDhistory, Token Bloat etc.)

  • Expert PowerShell skills, particularly to manage users and groups using the AD cmdlets, the quest cmdlets and/or [system.directoryservices]

  • Strong logical, written and oral communication skills

  • Clear understanding of security protocols and standards and have experience with software and security architectures

  • Understanding of designing and implementing security tests in accordance with stated criteria

  • Understanding protocols, such as, SSL/TLS, CIFS, HTTP/S, DHCP, SMTP, LDAP/S, NFS, SNMP and DNS

  • Experience in networking concepts and services, such as, VPNs, IPsec, PKI and TCP/IP

  • Demonstrates an ability to bridge technology knowledge gaps between IT staff and corporate staff such as Legal, Compliance and Audit organizations

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Active Directory Architect (South East)


Posted 3 days ago

VIEW JOBS 10/16/2019 12:00:00 AM 2020-01-14T00:00 Hungry for a new challenge? Inspired to broaden your horizons? Our Infrastructure Consulting team manages the systems that keep us and our clients ahead of the pack. As an Active Directory Architect you will plan, design, implement Active Directory solutions for our clients. You will be a technical subject matter expert on both cloud and on-premise IT systems. You will apply functional knowledge and technical expertise in the Microsoft cloud offerings and promote innovative solutions to our customers. You will develop relationships with key customer stakeholders to help them achieve their business goals. . Key Role Responsibilities: Workstream lead for an AD consolidation from 14 domains to one as part of an O365 and Windows 10 migration. Key Role Skill & Capability Requirements: Working on some of the largest leading-edge projects, the Active Directory Lead is a critical customer-facing role and you will play a leading part in a large-scale workplace transformation. You will naturally have a strong foundation in core Microsoft infrastructure technologies, but more specifically you will be able to demonstrate prior experience and a level of subject matter expertise in large scale identity / AD consolidations (20,000+ seats). Demonstrated knowledge in AD/AAD/ADFS, MIM, and AD object migration is required. Day-to-day, You Will * Design and deploy enterprise-scale, complex identity solutions. * Lead technical discussions with senior customer executives that drive decisions and implementation approaches. * Review and manage technical requirements and business functional requirements to establish identity in a new Azure platform. * Travel to customer site as needed. About you You are a strong technologist with solid business skills. You are as comfortable working with a technical team as you are with client IT leaders, and you know how to build bridges between the two. With your excellent communications skills, you are adept at mapping business needs to technology solutions and helping non-technical audiences understand the benefits of these solutions Your Skillset Likely Includes * Knowledge of infrastructure solutions, especially in relation to Microsoft programs, platform migration, system security, enterprise directories, and cloud technologies. * Knowledge of operation management, systems security, testing, databases and mobility considerations. * Working with global teams and offshore resources. * Communicating and presenting complex information to technical and non-technical stakeholders, both verbally and in written form. You likely have a Bachelor's Degree in computer science, computer engineering, management information systems, information technology, or a similar field. An equivalent combination of education and experience may substitute for a degree. Within two years of hire or credential availability, you will obtain a Microsoft Certified Solutions Associate (MCSA) certification in Windows Server 2012 and a Microsoft Certified Solutions Expert (MCSE) certification in Server Infrastructure. Qualifications * At least 5 years of experience designing, supporting, and upgrading Active Directory environments. * At least 3 years of experience with related services (DNS, PKI, Group Policy). * Experience with domain migrations: * Consolidations for Merger and Acquisition projects (M&A) * Red Forest (Enhanced Security Administrative Environment) * An understanding of the interdependencies in migration projects (user, workstation, application, network, directory, cloud). * Security fundamentals: * Privileged access management * OS, network, and process level security controls * Auditing and monitoring * Microsoft cloud experience: * Azure Active Directory * Directory Sync (FIM, MIM, or AADSync) * Claims (ADFS, Ping, Okta, etc.) * Infrastructure fundamentals: * Virtualization (Hyper-V, VMWare, or others) * Common database and network service components (SQL, LDAP) * PowerShell / legacy scripting Avanade Charlotte NC

Active Directory Data Security Engineer