Job Title: AD Hardening Workstream Lead
Job Type: FTE
Job Location: London, UK (hybrid)
Job Description:
Assist Microsoft SMEs in the running and maintenance of the ACLXray tool
Lead workshops to review all exposure reports provided by the ACLXray tool
Documentation and meetings to support change management and review gates
Perform remediation tasks based on exposures reported by the ACLXray tool
Testing of remediation tasks in preprod environment
Produce needed task updates based on results from preprod
Execution of remediation tasks in prod environment
Ongoing documentation of changes
Creation of necessary standards, procedures, and automation to maintain improved state
Create technical roadmap of work
Direct two offshore consultants
Scope of Work:
Ensure all ACLXray vulnerabilities have been resolved, including all Delegation of Control findings.
Role-Based Access Control (RBAC) - Define, document, and enforce the policies to limit administrative privileges on accounts to those necessary for their functions.
Create Organizational Units (OUs) - Structure the Active Directory using OUs that reflect our organizational needs for the new tiering.
Group Policy Objects (GPOs) - Develop specific GPOs that apply security settings, password policies, and account policies for Tier 0 accounts.
Firewall Rules - Only allow essential traffic between Tier 0 and other tiers or networks.
Final survey of all the remaining security services that need to be imported into Tier 0
Final list of all user accounts that need Tier 0 analogs.
Review all third-party access to the Tier 0 environment
Review security risks associated with third-party applications and services that interact with the AD
Design document for remaining Tier 0 services (e.g., BeyondTrust, Varonis, Splunk, etc.)
Alerting to be set up using Varonis to capture all attempts to bypass Tier 0 infrastructure
Complete migration of all designated security and other critical services into Tier 0
Final survey of all current servers that should be designated Tier 1, including owners
Design and documentation detailing the process for Tier designation during the provisioning and decommissioning processes
Completed migration plan for moving servers into Tier 1
Completed proposals for implementation of RODC for remote site and service authentication
Completed proposal for creating auxiliary classes to add specific attributes to user/computer objects
Complete migration of all Tier 1 resources in production.
Document Procedures - Maintain thorough documentation of configurations, processes, and changes made during the creation of Tier 0.
Training - Educate all IT personnel on security practices and operational protocols for managing Tier 0