In this position you will join Enterprise Cybersecurity as a member of the Enterprise Access Directory Services team. This is a dynamic, high visibility team that crafts and operates our multi-forest/multi-domain Active Directory (AD), Azure AD, ADFS, MIM and Lightweight Directory Services (LDS) environments!
The Enterprise Access Directory Services team is responsible for foundational components of Fidelity's IT ecosystem – the identity management stores and associated authentication and authorization services. We provide vital functions to all Fidelity's lines of business including protecting the IAM environment with user behaviour analytics and vulnerability management tools, supervising Group Policy Objects (GPO), and secure lateral account movement.
In this role you will provide engineering and support for Fidelity's Directory Services environment which provides secure identity management to a worldwide population of 50,000 employees. The team uses an Agile development process and operates in a combined engineering / operations DevOps model.
The Expertise You Have
Bachelor's degree in Computer Science/Engineering, Computer Systems Networking, Information Systems/Science, or a closely related subject area and five (5) years of experience
Broad understanding of security standards, controls, and architecture along with demonstrable experience coordinating Active Directory (AD), Azure AD, ADFS, MIM and/or Lightweight Directory Services (LDS)
Proven experience in both cloud (AWS, Azure) and traditional on-prem environments
The Skills You Bring
Experience working with Azure AD, Office 365, and ADFS and in O365 integration and configuring Azure AD Connect
Familiarity with software and/or hardware systems with a specific concentration in one or more areas: Active Directory for 2016 Server Domains, Group Policy, ADFS, DNS, DHCP, Power Shell and associated APIs
Strong general knowledge of Active Directory and PKI concepts and implementation standard methodologies
Strong practical knowledge of Windows PowerShell and UNIX/Linux command shell commands.
Experience implementing risk-based access controls in large scale, enterprise environments
Comfortable working with Microsoft .NET, c#, SQL, and/or XML
The Value You Deliver
Crafting and coordinating authentication and authorization solutions in multi-forest/multi-domain AD and Lightweight Directory Services (LDS) environments
Architecting, designing, and implementing auditing tools and improving monitoring for Directory Services
Supervising policy restriction design and Group Policy Objects (GPO), coordinating LDS, and performing Group Policy Management
Capturing and analyzing data to provide insight into developing future road map strategy and planning infrastructure migration, redesign, and integration projects
Providing technical support and disaster readiness for all Active Directory (AD) applications and systems, including highly available ADFS MIM and Azure AD Connect infrastructure
Working across product life cycles to retire technical debt with architecture groups to implement the next generation technology structure.
At Fidelity, we are focused on making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experiences. For information about working at Fidelity, visit FidelityCareers.com.
Fidelity Investments is an equal opportunity employer.
Apply on company website