Site Name: UK – London – New Oxford Street
Posted Date: Jan 27 2025
We are looking for Directory Services (EntraID/Active Directory (AD) technology) SMEs, with relevant experience, capable of delivering enterprise solutions. Technically, you will be comfortable working using Agile methodologies in a Scrum/SAFe environment, and have proven experience designing, building and managing modern Directory capabilities for Cloud and self-hosted applications.
You will be responsible for the design, implementation, and management of GSK’s Directory infrastructure. This role is critical in ensuring the reliability, security, and efficiency of our Directory environment, which supports authentication, authorization, and policy enforcement across the enterprise.
In this role you will
1. Support the design, implementation and management of GSK’s Directory infrastructure.
2. Support the product owner and architects in driving improvement in the directory services and broader IAM domain.
3. Ensure that GSK's regulatory requirements are met and continuously evolve and improve the underlying processes, strategies, and roadmap of capabilities and offerings by adopting new technologies where beneficial (such as automation, AI/ML, analytics, etc.)
4. Ensure the security of active directory by implementing best practices, monitoring for vulnerabilities, and defining detailed plans for resolution.
5. Identify and resolve issues related to directory services and provide SME support. Have a broad understanding of the interdependencies between IAM systems, the communication protocols used, and connectivity security.
6. Work with IT teams and stakeholders to understand requirements and provide technical support.
7. Maintain comprehensive documentation of configurations, processes, and protocols.
8. Engineer, deploy, operationalize, maintain, and support tools associated with Entra ID.
Qualifications & Skills:
We are looking for professionals with these required skills to achieve our goals:
1. Significant experience in identity and access management, with a focus on Azure Entra ID (Azure Active Directory).
2. Proven experience in implementing and managing Azure Entra ID solutions.
3. Experience of building and deploying web applications through CI/CD pipelines using GitHub Actions or Azure DevOps.
4. Understand, articulate and promote least privilege principles, segregation of duties, defence-in-depth, data security in transit/at rest, passwordless and zero trust.
5. Experience with hybrid identity solutions, including Entra Connect and on-premises Active Directory integration.
6. A strong background in secure design principles, and an understanding of cyber risk and mitigations.
7. Experience in Active Directory configuration, management, and troubleshooting.
8. Conceptual understanding of cloud secrets management, security, roles and identity types, providing guidance to consumers on integration best practices.
9. Proficiency in scripting languages like PowerShell to automate administrative tasks and improve efficiency. Exposure to Azure Log Analytics and aggregating events using KQL would be beneficial.
10. Education: Bachelor’s degree in Computer Science, Information Technology, or a related field.
11. Soft Skills: Strong problem-solving abilities, excellent communication skills, and the ability to work collaboratively in a team environment.
12. Stay current with industry trends and advancements in directory technologies. Propose and implement improvements to enhance performance, reliability, and security of the environment.
Preferred Qualifications & Skills:
If you have the following characteristics, it would be a plus:
1. Experience in integrating and synchronizing authoritative data sources into and between directory infrastructure.
2. Knowledge of Azure technologies to support edge deployments (Azure Arc, Azure Stack HCI).
3. An understanding of tiered security models, lateral movement, privilege escalation and common attack vectors as well as approaches to mitigate and prevent exposure.
4. An appreciation of the concepts of Infrastructure as Code, automated deployment and infrastructure configuration management.
5. An interest in, and prior research into AI/ML and how this is applicable to the monitoring and detection of anomalous behaviour / inconsistent configuration / attack path identification.
6. Knowledge of deploying, managing and monitoring applications in a Cloud environment such as Microsoft Azure or Google Cloud.
7. Previously worked in a central IT team within a regulated environment such as the Pharmaceutical or Financial services.
8. Certifications: Relevant certifications from Microsoft.
Closing Date for Applications: Sunday 9th February 2025 (COB)
Please take a copy of the Job Description, as this will not be available post closure of the advert.
#J-18808-Ljbffr