Security Engineer - Purchase, New York | STAND 8 Careers | Stand8

Security Engineer
Back to Job Search
Security Engineer
Date Posted:  10/22/2021
Job ID:  Job #4382
Employment Type: Contract
Location: PurchaseNew York
Submit Resume
SHARE THIS JOB POST

Would you like to work in a global insurance company? This could be a great opportunity for you!
We are hiring for a Security Engineer. STAND 8 provides end to end IT solutions to enterprise partners across the United States and with offices in Mountain View, LA, Atlanta, New York and more.

The engineer reorganizes our existing Active Directory groups, OUs, service accounts, and related objects to improve the privileged access control model for administrators and reduce risk or privilege escalation.

ROLE RESPONSIBILITIES

  • Design, implement, and document adjustments to our current Active Directory domain to:
  • Use tiered administration
  • Prevent lower-tier admin IDs from tampering with higher tier admin IDs or service accounts
  • Report on permissions (preferably using a graph DB) to identify deviations from this plan
  • Review security scorecards from tools like PingCastle, Purple Knight, etc. and develop plans to remediate any gaps

TECHNICAL QUALIFICATIONS

  • Extremely strong understanding of Active Directory permissions and OS-level security policies
  • Working/functional knowledge of Kerberos authentication and Protected Users restrictions
  • Ideally, familiarity with:
  • Kerberos armoring
  • Assessment tools like Bloodhound, PingCastle, etc.
  • PowerShell

GENERAL QUALIFICATIONS

  • Strong analytical skills and experience in enterprise (multi-tier) IT admin structures
  • Familiarity with change management protocols
  • Excellent oral and written communication skills and the ability to clearly articulate to all member
  • Background and knowledge of risk assessment technologies and methods
  • Experience with developing and implementing security procedures and policies

EDUCATION REQUIREMENTS

  • Bachelor's degree or higher in computer engineering, cybersecurity, information security, or a related field
#LI-JD1