Azure Active Directory Security Controls Architect

About the Opportunity:

Cloud Security Services requires an AAD Infrastructure Security and Controls Senior Manager within the Information Security & Risk Management (ISRM) organization for our client. The Senior Manager will be responsible for the analysis, design, coordination and escalation support, specifically pertaining to Microsoft Azure Active Directory, and its integrations with other client applications and systems such as ADDS, Ping and Office 365. This is a 6-month project with the possibility of going full-time for the right candidate.

Responsibilities:

The individual will work within the architecture and engineering organizations, interacting with peer teams and partner groups, scaling and deploying improvements, facilitating integration efforts with Azure Active Directory identities and services within the enterprise. The candidate must be able to operate and function well in a multi-cultural, geographically dispersed virtual team environment. Strong leadership and communication skills are an absolute must. Ability to balance business expectations while maintaining the security and best interests of on-premise Active Directory is of paramount importance.

The Sr. Manager will have responsibilities for security and internal controls in support of Technology Services (TS). The individual will serve as the Information and Security Risk Management (ISRM) expert in supporting internal TS teams, projects and internal control audits. The individual will serve as an ISRM technical subject matter expert and have direct interaction with TS employees, contractors and vendors. The individual will provide senior expertise in security and internal controls to ensure that technology solutions meet requirements and standards. The individual will serve as a technical mentor to TS peers as well as junior members of internal staff.

• Analyze, design and implementation of Azure Active Directory, and its integrations with other client applications and systems such as AD DS, Ping Office 365 and Service Now.

• Provide escalation support for Azure AD.

• Provide subject matter expertise to TS infrastructure project teams where IT risk management

  issues are involved, have potential implications for the business, and/or impact regions or

  functions, regulatory areas or technology platforms.

• Ensure proper security and controls are built into TS tools, vendors, applications and services by

  providing technical expertise, evaluation, assessment and consultation.

• Proactively assess the impact of regulatory and other security and internal control changes on

  TS and IT processes and advises senior management on the implications of costs, performance

  issues, risks and business needs

• Analyze technically complex business and competitive issues and discern their implications for

  risk management.

• Develop and maintain business partner relationships with GTS IT and Business stakeholders.

  Accountability for Security and Internal Controls and highly technical GTS Infrastructure projects.

Additional duties, including but not limited to:

• Analyze current Azure Active Directory environment to identify both technical and operational challenges while making recommendations and developing solutions for improvement

• Participate in or lead complex or high severity troubleshooting and incident/problem resolutions with other infrastructure teams

• Provide technical expertise to risk management activities for meeting regulatory, security and business requirements

• Anticipate risks and issues of high technical complexity based on understanding of business trends and the goals and objectives of the TS Infrastructure community

• Evaluate and ensure the resolution of technically complex security issues, internal control issues, critical incidents and/or crisis resolution management, escalating as necessary

• Proactively assess the impact of regulatory and other security and internal control changes on IT processes and advise senior management on the implications of costs, performance issues, risks and business needs

• Share expert knowledge of future trends, tools, procedures and systems in security, internal controls and risk management

• Review or prepare reports or documents on risk management to be communicated to TS, IT and senior management in highly complex situations

• Proactively manage partner expectations at the senior manager level and above, advising on optimal approaches and resolving conflicts between internal controls, information security requirements, compliance and project/business constraints

• Create forums, benchmarking analyses, and processes that result in improvement, information sharing and innovation across enterprise

• Develop networks of internal and external business partners, suppliers, the technical/legal community and consultants

• Make hiring recommendations

• Train employees

• Recommend budget amounts

  Required Skills:

• 8+ years of ISRM experience

• Minimum of 4 years experience where they have maintained Active Directory

  Enterprise/Domain Admin and/or Azure Global Admin responsibilities

• Knowledge of Azure MFA integration solutions

• Understanding of Microsoft Azure tenants/subscriptions

• Deep understanding of federation technologies (WS-Fed, OAuth, SAML, etc.)

• Strong working knowledge of Windows 2008, 2012 and 2016 operating systems platforms, DNS,

  networks, DMZs, firewalls, network security zones and proxies

• Strong risk management skills including confidence to vocalize concerns which may jeopardize

  integrity of on-premise Active Directory

• Minimum of 3 years of related Information Risk Management Experience

• Experience with tools and applications managing Governance, Risk and Compliance

• Effectively works with virtual, global teams – including diverse groups of people with varied

  backgrounds and cultural experiences

• Effectively fills in for a senior-level vacancy

  Preferred Skills:

• MS and/or advanced degree preferred

• Microsoft Certifications preferred

• Information Security & Risk Management certifications preferred

• Working knowledge of COBIT and / or ITIL is preferred

• Knowledge of key business processes preferred

• GxP background an asset (desirable, but not required)

• Industry experience with Information Security, Risk Management, Risk Assurance

  Required Education:

• BA/BS in Information Technology/Information Security or minimum university degree equivalent

Preferred Education:

• MS and/or advanced degree

• Information Security & Risk Management Certifications; Microsoft Certifications