The Directory Services Engineering team within the User Platform Engineering organization is looking for an experienced engineer in the Active Directory and Azure Active Directory space. This position will be working with a global team responsible for the architecture, design and development of systems supporting the Active Directory and Microsoft Azure environments for Goldman Sachs. The Active Directory infrastructure supports wide and varied services that require high availability and performance in a secure environment. As a member of the Directory Services Engineering team, this position will help design, engineer and deploy solutions to help ensure the security and resiliency of the Active Directory platforms within Goldman Sachs. Microsoft Azure-based services are becoming critical to the operation of medium and large enterprise environments. The ideal candidate will have experience configuring Azure Active Directory, Azure Active Directory Connect and be familiar with the authentication, authorization and Conditional Access options and capabilities of the Azure platform. Responsibilities will also include coordinating with various technology infrastructure teams for infrastructure projects, managing systems lifecycle and evaluating existing solutions for optimizations or enhancements. The position will also be engaged in vendor management, industry analysis, product benchmarking and contributing to the technical understanding and promotion of new and existing standards, solutions and tools. The ideal candidate will have will have a minimum of five years in management of an Active Directory Infrastructure, as well as projects in the Single Sign On and Federated Identity space in medium to large enterprise environments.
HOW YOU WILL FULFILL YOUR POTENTIAL
• Work with a global team of highly motivated platform engineers and software developers delivering solutions specializing in a range of technologies with a remit to define and build integrated architectures for secure, scalable infrastructure services serving a diverse set of internal and external use cases
• Collaborate with Active Directory engineers across Goldman Sachs and Microsoft to optimize and enhance the security and runtime operations of different Active Directory instances within Goldman Sachs
• Engage with Active Directory consumers to collaborate on efficient and secure integration approaches for their application requirements
• Contribute to the adoption of the Microsoft Azure platform by researching, advising and implementing capabilities across the breadth of Azure and Office 365 services
• Automate tasks in the Active Directory and Azure functional areas to increase efficiency of the team and detect abnormal behavior of the systems
SKILLS AND EXPERIENCE WE ARE LOOKING FOR
• Deep technical knowledge of complex Active Directory environments in medium to large enterprises that include multiple forests and trust relationships across the forests in firewalled networks
• Experience architecting and implementing business continuity plans, recovery strategies and hardening strategies for Active Directory Domain Services environments
• Implementing controls to ensure appropriate security, performance, scalability and monitoring guidelines are achieved for the Active Directory instances.
• Experience integrating solutions with an Active Directory Domain Services environment, including scenarios such as Exchange, Azure, Office 365 Hosted solutions, Active Directory Certificate Services, Active Directory Federation Services and smartcard authentication scenarios
• Protocol-level expertise with LDAP and Kerberos
• Working knowledge of Identity Management, Single Sign On and Federated Identity principles
• Proficiency in designing, developing and testing software in PowerShell; willingness to learn and adopt new languages
• Fundamental understanding of secure application and environment design and management concepts
• Strong understanding of systems development lifecycle best practices
• Must be able to sustain a high rate of workflow and work on multiple projects
• Must have exposure to the project management role in an enterprise environment
• The person will need good verbal and written communication skills. He/she needs to show past experience in utilizing various influencing skills and be able to collaborate, communicate and deliver in a global environment
• Ability to present to management, internal client audiences or professional peers, and ability to work independently on problem solving and investigation
• Proficiency in designing, developing and testing software in C#
• Experience implementing and managing Active Directory Lightweight Directory Services (ADLDS) instances.
• Proficiency in designing, developing and testing software in C# and Java; willingness to learn and adopt new languages
• Good development knowledge or product expertise with Identity Management products (e.g., Microsoft Identity Manager)
• Development knowledge or product expertise with Single Sign On/Access Management products (e.g., SiteMinder, OpenAM, Shibboleth) or Federated Identity products (e.g., ADFS, PingFederate)
• Ability to create reports on trends, perform gap analysis, perform risk analysis and provide recommendations to address deficiencies in the environment
• Expertise in operating and implementing commercial and / or open source monitoring software
The Goldman Sachs Group, Inc. is a leading global investment banking, securities and investment management firm that provides a wide range of financial services to a substantial and diversified client base that includes corporations, financial institutions, governments and individuals. Founded in 1869, the firm is headquartered in New York and maintains offices in all major financial centers around the world.
Â© The Goldman Sachs Group, Inc., 2020. All rights reserved Goldman Sachs is an equal employment/affirmative action employer Female/Minority/Disability/Vet.