Security Engineer - Purchase, New York | STAND 8 Careers | Stand8
We are hiring a Security Engineer for a specialized global insurance provider. Candidate will reorganize our existing Active Directory groups, OUs, service accounts, and related objects to improve the privileged access control model for administrators and reduce risk or privilege escalation.
This could be a great opportunity for you!
STAND 8 provides end to end IT solutions to enterprise partners across the United States and with offices in LA, Atlanta, New York, Raleigh, and more.
- Design, implement, and document adjustments to our current Active Directory domain to:
- Use tiered administration
- Prevent lower-tier admin IDs from tampering with higher tier admin IDs or service accounts
- Report on permissions (preferably using a graph DB) to identify deviations from this plan
- Review security scorecards from tools like PingCastle, Purple Knight, etc. and develop plans to remediate any gaps
- Extremely strong understanding of Active Directory permissions and OS-level security policies
- Working/functional knowledge of Kerberos authentication and Protected Users restrictions
- Kerberos armoring
- Assessment tools like Bloodhound, PingCastle, etc.
- Strong analytical skills and experience in enterprise (multi-tier) IT admin structures
- Familiarity with change management protocols
- Excellent oral and written communication skills and the ability to clearly articulate to all member
- Background and knowledge of risk assessment technologies and methods
- Experience with developing and implementing security procedures and policies
- Bachelor's degree or higher in computer engineering, cybersecurity, information security, or a related field