OFFICE BASED / INSIDE IR35
· Active Directory Domain Services, Certificate Services, Conditional access and Enterprise
Applications deployments from design through implementation.
· Plan and execute Active Directory Domain Services inter-forest and intra-forest migrations using AD Connect.
· Assess the sizing and health of Active Directory deployments in support of new initiatives, such as Defender for Identity, Defender for Endpoint, vulnerability management via Defender for
Endpoint, or Microsoft Azure services.
· integration with Microsoft Sentinel
· Microsoft server and the CIS Benchmarks tunning
· Windows Defender Firewall with Advanced Security policy
· NSG lockdown for lateral movement
· Azure Cloud
· Global DNS solutions (private endpoint)
· Azure site recovery experience
· Zero trust administrative mode
· Privileged Access Management for Active Directory Domain Services, JEA and JIT Administration
· Active directory recovery plans
· Strong verbal and written communication skills.
· Must love documentation. Creating detailed design or migration documents is a regular occurrence.
· Expert-level Security solutions on Windows servers with Active Directory Domain and Azure AD experience.
· Capable of designing and deploying AD Certificate Services and Azure Enterprise applications and application registration.
· Strong scripting skills. PowerShell 3.0+ experience is very strongly preferred. You should feel at home in the CLI and will regularly be required to script solutions using github and infrastructure as code principles including terraform
· Must be able to speak about topics such as routing and switching, storage, virtualization, and server hardware as it relates to the above technologies and responsibilities.
· Current MCSE: Server Infrastructure and Azure AZ500, AZ-800/AZ-801
· and SC300, SC100/200
· Experience with the Azure Defender stack.
· Exposure to Azure IaaS environments
· Ability to work within change management systems and work within customer maintenance windows.
· Willingness to work off-hours as needed to accommodate production implementation requirements.
· Quest RMAD