Job Description
contributor IAM/Directory Services security engineer specializing in Tier 0 on-prem Active Directory. Owns domain controller hardening and security baselines, GPO administration, privileged access/delegation controls, and secure operation of AD dependencies (DNS, Kerberos/time, AD CS/PKI, trusts). Partners with SOC/SIEM teams to improve logging and audit readiness and supports AD security incident response and remediation.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
• Bachelor’s degree in computer science, engineering, or a related field (or equivalent practical experience).
• 7+ years of experience with Windows Server and on-prem Active Directory (domain controller operations, replication, FSMO roles, trusts, Kerberos/LDAP).
• Experience securing AD dependencies: DNS, PKI/AD CS, and time synchronization; strong Windows authentication knowledge (Kerberos/LDAP/NTLM).
• Experience in enterprise IT operations or infrastructure teams, including change management and incident management for critical services.
• AD security expertise (attack paths, privileged access, legacy authentication risk) with experience implementing hardening and monitoring. Hybrid identity/PAM familiarity is a plus; primary focus is on-prem AD domain security.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.