Engineer, IT-Directory Services (1.5 yr assignment)
Job Description
Universal Orlando Resort believes in-person collaboration is key to our success. Many of our Team Members work in a hybrid capacity, contributing from the workplace a minimum of three days per week. Some remote opportunities are available within specific departments. There are also roles that require being on-site full time. You’ll learn more about this during the application process.
JOB SUMMARY: The Directory Services Engineer’s role is responsible for daily and long-term administration of UO’s Microsoft Active Directory and windows-based systems across the enterprise including directory and identity management solutions. Responsibilities includes taking the conceptual idea and develop into the planning, monitoring, analyzing and execution of Active Directory Security Enhancement (ADSE) project. Resolves and appropriately completes assigned cases and change requests and acts as an escalation for support issues. The core infrastructure technology duties include enterprise Microsoft Active Directory, Active Directory security and policy configuration, and top-level support for enterprise-wide initiatives. Responsible for the proactive service/system monitoring of AD and Windows privileged and elevated access.
MAJOR RESPONSIBILITIES:
- Provide subject-matter expertise with Active Directory identity protection best-practices and assist Sr. Leadership in defining, administering, and maintaining policies for the enterprise-level design of AD. Serves as an escalation point for application support and troubleshooting, provides guidance and direction in resolution of escalated issues and/or complex production, application or system problems. Assist with Active Directory Security Enhancement project including secure configuration, risk assessment findings, monitoring and logging.
- Help review and assess Active Directory integration and hardening with virtualization infrastructure and Hyper-V platform. Create and document detailed guides and tracking documents to leverage as part of Active Directory hardening and overall infrastructure enhancements. Help engineer, deploy and manage Active Directory Services in a globally distributed environment.
- Collaborate with InfoSec team and stakeholders to grow and deliver new capabilities/solutions related to Access Management for Active Directory and Windows Systems. Maintain software and OS level to the latest standards.
- Successfully deliver projects, meet project milestones and communicate issues/ risks appropriately. Provide technical expertise in threat/risk assessments for new enhancements. Enhance and improve existing infrastructure through automation and reporting.
- Understands and actively participates in Environmental, Health & Safety responsibilities by following established UO policy, procedures, training and team member involvement activities.
- Performs other duties as assigned.
EDUCATION: Bachelor’s degree in Business Administration or Computer Science is preferred.
EXPERIENCE:
- 5+ years’ experience in IT and with Security and Compliance that includes defining strategy, implementing new processes, project management, vendor and contract management
- Active Directory expert with demonstrated ability in the Microsoft’s Enhanced Security Architecture Environment (ESAE) “Red Forest”.
- Experience with integration of applications with Active Directory via LDAP and Kerberos for authentication and authorization. Multi-Forest/Multi-Domain AD environments.
- At least one Microsoft Administration Platform (SCCM, SCVMM, Hyper-V)
- Security generalist with meaningful experience in many of the following areas: authentication methods – Kerberos, MFA/2FA, SSO, Federation, etc.
- Experience in an engineering, designing, and integrating both infrastructure components (domain controllers, sites and services, connectivity, etc. Logical aspects GPO management, directory structure, and management toolsets.
- Extensive experience with infrastructure and server theories, principles and concepts; application infrastructure and standards; networking fundamentals; Windows; Physical Server architecture; Virtualization Technologies (e.g. VMware, HyperV) and LAN/WAN/Firewall/VPN network technologies.
- Knowledge of JIT, backup and out-of-band technologies: HP OneView, Cyberark, Remediant, Veritas Netbackup.
- Extensive knowledge and experience working with applicable data security and privacy practices and laws.
- Ability to conduct research into software-related issues and products.
- Highly self-motivated and directed.
- Keen attention to detail.
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Experience working both independently and in a team-oriented, collaborative environment.
- Overtime hours may be required to meet project deadlines.
- Certifications: MCSE/MCSA, Azure, CISSP, CISA or other comparative information security certifications; or equivalent combination of education and experience.
Your talent, skills and experience will be rewarded with a competitive compensation package.
Universal is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Universal Orlando via-email, the Internet or in any form and/or method without a valid written Statement of Work in place for this position from Universal Orlando HR/Recruitment will be deemed the sole property of Universal Orlando. No fee will be paid in the event the candidate is hired by Universal Orlando as a result of the referral or through other means.
Universal Orlando Resort. Here you can.
Universal Orlando is an equal opportunity employer. Universal elements and all related indicia TM & © 2023 Universal Studios. All rights reserved. EOE