Job Description
Job Description:
Insight Global is seeking an AD Security Automation Engineer for a leading financial services client. This role focuses on building and maintaining automation frameworks that execute security-driven changes across Windows systems and Active Directory environments. The engineer will partner closely with cybersecurity and infrastructure teams to rapidly operationalize CVE advisories into scalable, automated solutions. This is a highly technical role ideal for a candidate with deep AD expertise, strong PowerShell capabilities, and experience implementing secure automation at enterprise scale.
Day-to-Day:
• Design and build automation frameworks for security-driven configuration changes
• Automate GPO creation, modification, and rollback processes
• Implement automated Windows and application patching solutions
• Translate security advisories (CVE guidance) into rapid deployment updates
• Create AD-safe configuration enforcement workflows
• Build guardrails to prevent unsafe or incomplete deployments
• Support break-glass mitigation scenarios with pre-approved automation
• Collaborate with cybersecurity and AD platform teams to align on standards
• Ensure scalable, repeatable, and secure deployment of infrastructure changes
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Must-Haves:
• Expert-level Active Directory experience
• Advanced PowerShell scripting skills
• Deep knowledge of Group Policy Objects (GPOs) (internals, administration, management tools)
• Strong experience with Windows Server and Windows client internals
• Understanding of Active Directory schema, replication behavior, and security descriptors
• Experience with configuration management tools (SCCM or equivalent)
• Hands-on experience with Git-based version control and code reviews
• Experience administering GPOs using Quest GPO Admin
Nice to Have Skills & Experience
Plusses:
• Experience with automated systems validation/testing frameworks
• Prior work translating CVE/security advisories into deployable fixes
• Experience building secure automation guardrails
• Familiarity with enterprise-scale security automation practices
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.