IT Security Administrator, Identity & Access Management (IT ANALYST)

Identity and Access Management (IAM): AWS IAM: Proficient in managing AWS users, groups, roles, and policies. Experienced in implementing fine-grained access controls, multi-factor authentication (MFA), and integrating with Active Directory. Okta Identity Cloud: Skilled in configuring and managing Okta for identity and access management, including SSO, adaptive authentication, and integration with various applications. IBM Security Identity Manager (ISIM): Competent in implementing and administering ISIM for identity lifecycle management, access control, and provisioning. SailPoint IdentityIQ: Experienced in utilizing IdentityIQ for identity governance, role management, access certifications, and compliance reporting. CyberArk Privileged Access Security: Knowledgeable in implementing and managing CyberArk solutions for privileged account management (PAM), including secure credential management and least privilege access controls. Cloud Platforms and Services: AWS (Amazon Web Services): Hands-on experience with various AWS services including IAM, SSO, Directory Service, Cognito, Secrets Manager, Identity Governance, Security Hub, Control Tower, and Organizations. Proficient in setting up secure, multi-account environments and implementing AWS best practices. Microsoft Azure: Competent in configuring Azure Active Directory (Azure AD), implementing SSO, and integrating Azure services with on-premises environments. IT Security and Compliance: Security Practices: Skilled in implementing security policies, conducting risk assessments, and ensuring compliance with regulatory requirements. Incident Response: Experienced in responding to security incidents, analyzing vulnerabilities, and implementing remediation measures. Data Protection: Proficient in managing data privacy and implementing data protection measures, including encryption and access controls. Technical Proficiencies: System Administration: Experience in administering Windows Active Directory, Azure Active Directory, and various cloud platforms (AWS, Azure). Scripting and Automation: Familiar with PowerShell scripting for automation of administrative tasks and management of IT infrastructure. Project Management: Successful track record in leading small to medium-sized IT projects, ensuring adherence to SLAs/KPIs, and driving process improvements. Communication and Collaboration: Stakeholder Management: Effective in collaborating with stakeholders to align IT initiatives with business goals and requirements. Team Leadership: Experienced in leading teams, conducting coaching sessions, and fostering a collaborative work environment. Training and Development: Skilled in conducting training sessions to enhance team skills and knowledge of IT tools and processes.

Microsoft Azure Active Directory (Azure AD): Proficient in configuring and managing Azure AD environments. Experience with setting up and managing users, groups, and roles in Azure AD. Skilled in implementing and configuring single sign-on (SSO) for cloud applications. Familiarity with Azure AD Connect for integrating on-premises directories with Azure AD.

Google Cloud Identity: Single Sign-On (SSO): Proficient in configuring and managing SSO for Google Cloud services and integrating with various applications. Multi-Factor Authentication (MFA): Experienced in implementing MFA to enhance security for user access to Google Cloud resources. User Lifecycle Management: Skilled in automating user provisioning, deprovisioning, and management processes using Google Cloud Identity. Identity Federation: Capable of integrating Google Cloud Identity with external identity providers (IdPs) for extended SSO capabilities. Google Workspace Security: Data Loss Prevention (DLP): Competent in setting up and managing DLP policies to prevent accidental exposure of sensitive data within Google Workspace applications. Encryption: Knowledgeable in implementing encryption mechanisms for data-at-rest and data-in-transit within Google Workspace. Endpoint Security: Proficient in managing and securing endpoints accessing Google Workspace resources, including mobile devices and desktops. Google Cloud Platform (GCP) Identity & Access Management: IAM Roles and Permissions: Experienced in defining IAM roles and permissions to control access to GCP resources based on the principle of least privilege. Cloud Identity-Aware Proxy (IAP): Skilled in configuring IAP to control access to GCP resources based on user identity and context, without the need for a VPN. Service Accounts: Capable of managing service accounts and integrating them securely with GCP services and applications. BeyondCorp Framework: Zero Trust Security Model: Familiar with implementing Google's BeyondCorp principles to enforce strict access controls based on user identity, device security posture, and contextual factors. Context-Aware Access: Proficient in using context-aware access policies to enforce secure access to Google Cloud resources, minimizing the reliance on traditional network-based security measures. Google Authenticator and Security Keys: Two-Factor Authentication (2FA): Skilled in configuring and managing 2FA using Google Authenticator for enhanced security of Google accounts and services. Security Keys: Knowledgeable in implementing hardware-based security keys for strong authentication and protection against phishing attacks. Security Monitoring and Compliance: Security Command Center: Competent in using Security Command Center for centralized visibility and monitoring of security threats and vulnerabilities across GCP environments. Security Compliance: Proficient in ensuring compliance with industry-specific regulations and standards using Google Cloud security features and best practices. Integration and Collaboration: Third-Party Integrations: Experienced in integrating Google Cloud Identity and security features with third-party security solutions to enhance threat detection and response capabilities. Collaboration and Training: Skilled in collaborating with teams to implement secure practices and conducting training sessions to educate stakeholders on Google Cloud security features and best practices.

Microsoft Active Directory (AD) Administration: User and Group Management: Proficient in creating, managing, and maintaining user accounts, groups, and organizational units (OUs) within Active Directory. Group Policy Management: Experienced in configuring and applying Group Policies (GPOs) to enforce security settings, software installations, and other configurations across Windows-based systems. Organizational Unit (OU) Administration: Skilled in structuring and organizing OUs to streamline administrative tasks and delegation of permissions. Active Directory Federation Services (ADFS): Familiar with configuring ADFS for enabling single sign-on (SSO) across different domains and applications. Integration with Cloud Services: Competent in integrating Active Directory with cloud services such as Azure Active Directory (Azure AD) and AWS Directory Service for hybrid cloud environments. Identity and Access Management (IAM): Role-Based Access Control (RBAC): Proficient in implementing RBAC models within Active Directory to enforce least privilege access and enhance security. User Provisioning and De-provisioning: Skilled in automating user account provisioning and de-provisioning processes to ensure efficient lifecycle management. Directory Services Integration: Capable of integrating Active Directory with other directory services and identity management systems to maintain consistency and synchronization of user identities. Security and Authentication: Security Best Practices: Knowledgeable in implementing security best practices within Active Directory, including password policies, account lockout settings, and auditing configurations. Authentication Mechanisms: Experienced in configuring and managing authentication protocols such as Kerberos and NTLM within Active Directory environments. Security Monitoring and Auditing: Proficient in monitoring Active Directory for security events, conducting audits, and responding to security incidents promptly. Migration and Upgrades: Active Directory Domain Services (AD DS) Migration: Experienced in planning and executing migrations/upgrades of Active Directory domain controllers to newer versions or to cloud-based services. Forest and Domain Consolidation: Skilled in consolidating Active Directory forests and domains to streamline management and reduce complexity. Troubleshooting and Support: Problem Resolution: Capable of diagnosing and troubleshooting issues related to Active Directory services, replication problems, DNS configuration, and trust relationships. Support and Documentation: Experienced in providing technical support to users and IT teams, documenting procedures, and maintaining knowledge base articles for Active Directory operations. Scripting and Automation: PowerShell Scripting: Proficient in using PowerShell scripting for automating administrative tasks, generating reports, and managing Active Directory objects programmatically. Collaboration and Training: Team Collaboration: Effective in collaborating with cross-functional teams, including network administrators, security professionals, and application developers, to achieve organizational objectives. Training and Knowledge Sharing: Skilled in conducting training sessions and workshops to educate IT staff and end-users on Active Directory best practices, usage guidelines, and security measures.