Responsibilities:
Provide Tier 2 / 3 technical support for Active Directory (AD) environments.
Troubleshoot and resolve user authentication and group policy issues.
Manage user accounts, groups, and permissions within Active Directory.
Ensure the security, integrity, and availability of the Active Directory infrastructure.
Perform regular maintenance tasks, including backups and system updates.
Conduct health checks on domain controllers and replication status.
Create and maintain documentation for configurations and procedures.
Participate in Active Directory upgrades and migration projects.
Provide training and support to IT staff and end-users.
Collaborate with network and system administrators for integration.
Stay updated on Active Directory features and best practices.
Recommend improvements for AD processes and architectures.
Administer and manage Identity and Access Management (IAM) systems, ensuring secure and efficient access to applications, systems, and data.
Implement and manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other identity security solutions.
Monitor and audit access rights, permissions, and privileged accounts to ensure compliance with security policies and regulatory requirements.
Support lifecycle management of user identities, including provisioning, de-provisioning, and role-based access control (RBAC).
Respond to and remediate IAM-related security incidents, including unauthorized access attempts and privilege escalations.
Lead efforts to integrate IAM solutions with on-premises and cloud services (e.g., Azure AD, AWS IAM).
Analyze and streamline access request processes for improved efficiency and user experience.
Requirements:
Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
Strong understanding of Active Directory architecture and components.
Experience with Windows Server environments and Group Policy Management.
Experience implementing and managing IAM solutions (e.g., Azure AD, Okta, Ping Identity, AWS IAM, or similar).
Experience with hybrid identity environments (on-prem AD integrated with Azure AD or other cloud IAM solutions).
Strong analytical, problem-solving, and presentation skills.
Microsoft certification, e.g., Azure Administrator, Identity and Access Administrator.
Security certification (optional), e.g., CISSP, CISA, CEH.
Knowledge of Zero Trust principles and their application in identity security.
Excellent communication and interpersonal skills to collaborate with cross-functional teams.
Proficiency in both written and spoken English and Chinese, including Mandarin.
Service Engineer • Hong Kong