Job Description :
REMOTE
Market-rate compensation package based on experience
Assignment Duration : 12 months
5 Days/40 Hours week
Work Hours : 8am - 5pm CST
Subcontracting permitted
Principal Info Security Engineer
Required Skills :
- DNS
- Group Policy Objects (GPO)
- Intune
- Entra ID / Azure Active Directory (AAD)
- Active Directory ? experience from Windows Server 2012 / 2012 R2 or earlier, preferably up to the latest versions (Windows Server 2022 or 2025)
Job Description :
- Participate and operate on large scale implementation of medium to high complexity of Active Directory environments, participating in security hardening, engineering, and operational responsibilities on the team to accomplish corporate security initiatives and tasks.
- This role would participate in the work intake, act as an advisor for multiple AE Active Directory teams and business owners looking to harden their Active Directory environment to corporate security standards, and assist in the tactical and strategic tasks within larger projects and objectives. Additionally, this individual is a key resource in the organization s effort to secure, consolidate, and simplify Active Directory environments from mergers and acquisitions.
- Deliverables include independent or participation in group efforts, leadership of small groups to perform specific goals or objectives, clear communication of issues and goals met, technical documentation, investigation/research of unusual Active Directory activity, participation in AD audit reviews and investigations, participation in the 24x7 On-Call rotation, and on-going stability and performance monitoring of Active Directory.
Job Responsibilities :
- Operationally manage Active Directory infrastructure of multiple Active Directory environments. Review, investigate, and remediate any AD performance irregularities identified by the management and monitoring tools.
- Work with the business and application teams to increase the security of the Active Directory environments by remediating identified security vulnerabilities.
- Leverage security scanning tools to monitor and maintain the Active Directory environment to the published baseline security standards.
- Work with the business and application teams to migrate their applications to the Optum core AD environment or Optum cloud environment.
- Move the Active Directory environment towards consolidation.
Ideal Candidate Background :
- A senior Active Directory engineer or architect that has extensive experience working on domain integration / migration projects, extensive familiarity with the tools / products listed below to manage and maintain multiple separate Active Directory infrastructures.
- Ideal candidate will have extensive experience working with the business partners and application teams to prepare them to increase the security of their utilization of Active Directory resources and migrating their application to the Optum core AD or cloud environment as part of the Active Directory domain consolidation efforts.
What skills/attributes are required (please be detailed as to number of years of experience for each skill)
- Active Directory infrastructure engineering (15+ years)
- Active Directory performance management / tuning (8+ years)
- server hardware management (6+ years)
- Vmware ESX / Hyper-V engineering and operations (6+ years)
What skills/attributes are preferred (what will set a candidate apart)
- PowerShell scripting / programming
- VB scripting
- Batch scripting
- System Center Operations Manager (SCOM)
- Microsoft EndPoint Configuration Manager (SCCM/MECM)
- Quest InTrust
- Quest Change Auditor
- Quest Enterprise Reporter
- Quest GPO Admin
- Quest Recovery Manager for AD (RMAD)
- Bloodhound Enterprise
- Microsoft Risk Assessment Program (RAP)
- Firewall engineering / operations
- Networking / subnetting
- DNS.
Interviews will be technical and process oriented.