Role: Active Directory Engineer OR Architect
Location: Remote
- Strong understanding of cryptographic algorithms and protocols
- Experience working with certificate authorities and registration authorities such as NDES and CEP/CES
- Proficiency in key management and renewal
- Experience designing implementing and maintaining secure PKI solutions in enterprise environments.
- Knowledge of integrating PKI with other security technologies such as HSMs TLS inspection 802.1x etc...
- Experience conducting PKI audits and monitoring.
- Ability to troubleshoot and resolve issues related to certificate issuance and management.
- Knowledge of best practices for securing device and user certificates
- Experience configuring Intune to work with a certificate authority to issue device and user certificates.
- Expertise in certificate lifecycle management
- Expertise with autoenroll and manual certificate issuance
- Knowledge of certificate templates and their configuration
Job Description:
- The role requires deep knowledge (300400 level) in the following technology areas:
- Active Directory Certificate Services including:
- Largescale two and threetier PKI hierarchies (>1 issuer) (Preferred)
- Experience with NDES and OCSP (Required)
- Experience with scripted installations (Preferred)
- Must understand database cleanup options & PKI domain maintenance (Required)
- Crossforest implementations (Desired)
- Active Directory Domain Services
- Active Directory replication and performance monitoring
- Active Directory troubleshooting
- Group Policy implementation design and troubleshooting.
- Security and administration of the Active Directory environment including PKI
- Fundamental networking knowledge IP DHCP DNS WINS routing etc.
The following areas may also be beneficial:
- Active Directory Scripting technologies
- Active Directory Disaster Recovery
- Active Directory Monitoring Tools
- Microsoft Identity Manager
- Active Directory Federated Services
- Azure AD Connect
- Azure Active Directory