Posted in

Staff Active Directory/Entra/PAM Engineer

Staff Active Directory/Entra/PAM Engineer

CompanyGE Aerospace
LocationSharonville, OH, USA, Livonia, MI, USA
Salary$Not Provided – $Not Provided
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior

Requirements

  • Bachelor’s Degree in Computer Science or ‘STEM’ Majors (Science, Technology, Engineering and Math)
  • A minimum 5 years of IT experience in IT operations, DevOps, or development
  • 3 years of experience with Active Directory/Entra and PAM

Responsibilities

  • Hands-on engineering responsibilities (Domain Controller build (server 2025), installation, configuration, upgrades, schema extensions/modifications and performance tuning and optimization)
  • Extensive knowledge of creating and maintaining group policy objects
  • Experience in systems engineering, operating systems, scripting (ADCLI, PowerShell, Azure CLI) and architecture
  • Monitor and maintain the production environment to meet the SLA’s
  • Proactively and continuously evaluate and address issues related to performance, stability, scalability, and extensibility of the systems
  • Leads or provides technical direction for the planning, designing, and execution of testing efforts
  • Provides technical consulting on the integration of application systems
  • Adhere to corporate standards/problem and change management policies
  • Produce root cause analysis documents and report on progress
  • Configuration, administration, and maintenance of CyberArk solution, including both the infrastructure and the application itself
  • Troubleshoot and resolve issues related to PAM systems, ensuring continuous availability and performance
  • Addresses ticket queue and follow appropriate change management procedures
  • Work closely with cross-functional teams, including IT, security, and compliance teams, to integrate PAM solutions into existing systems and applications
  • Conduct regular security audits of privileged user activities and access reviews

Preferred Qualifications

  • Understanding of various directory structures and configurations (LDAP, Active Directory, etc.)
  • Working knowledge of APIs or other forms of application integrations
  • Experience with or general understanding of SSO (SAML/Oauth2.0)
  • Understanding of PCI, SOX, HIPAA, EU-GDPR regulations for IAM
  • Advanced knowledge and experience with the Microsoft Directory Stack and Azure and supporting components
  • Knowledge in Group Policy Management
  • Experience with AD Trusts
  • Strong knowledge of PowerShell/MS Graph
  • Knowledge about Kerberos Authentication, SMB, NTLM
  • Strong troubleshooting and root cause analysis experience
  • Thorough knowledge of Software Development Life Cycle principles
  • Good understanding of Platform Integration strategies by developing applications and framework
  • Experience creating custom platforms for applications to manage credentials in CyberArk vault
  • Strong proficiency in network security, including experience with firewalls, intrusion detection systems, and network segmentation
  • Experience with supporting IAM in a Cloud environment, including Azure or AWS
  • CyberArk certification Defender/Sentry/CDE can be considered as added advantage
  • Strong commitment to customer service and customer satisfaction
  • Strong analytical and troubleshooting skills
  • Ability to work in a fast paced, highly dynamic and collaborative environment