Fidelity Investments Job - 34863495 | CareerArc
  Search for More Jobs
Get alerts for jobs like this Get jobs like this tweeted to you
Company: Fidelity Investments
Location: Durham, NC
Career Level: Mid-Senior Level
Industries: Banking, Insurance, Financial Services


Job Description:

In this position you will join Enterprise Cybersecurity as a member of the Enterprise Access Directory Services team. This is a dynamic, high visibility team that crafts and operates our multi-forest/multi-domain Active Directory (AD), Azure AD, ADFS, MIM and Lightweight Directory Services (LDS) environments!

The Team

The Enterprise Access Directory Services team is responsible for foundational components of Fidelity's IT ecosystem – the identity management stores and associated authentication and authorization services. We provide vital functions to all Fidelity's lines of business including protecting the IAM environment with user behaviour analytics and vulnerability management tools, supervising Group Policy Objects (GPO), and secure lateral account movement.

In this role you will provide engineering and support for Fidelity's Directory Services environment which provides secure identity management to a worldwide population of 50,000 employees. The team uses an Agile development process and operates in a combined engineering / operations DevOps model.

The Expertise You Have

  • Bachelor's degree in Computer Science/Engineering, Computer Systems Networking, Information Systems/Science, or a closely related subject area and five (5) years of experience

  • Broad understanding of security standards, controls, and architecture along with demonstrable experience coordinating Active Directory (AD), Azure AD, ADFS, MIM and/or Lightweight Directory Services (LDS)

  • Proven experience in both cloud (AWS, Azure) and traditional on-prem environments

The Skills You Bring

  • Experience working with Azure AD, Office 365, and ADFS and in O365 integration and configuring Azure AD Connect

  • Familiarity with software and/or hardware systems with a specific concentration in one or more areas: Active Directory for 2016 Server Domains, Group Policy, ADFS, DNS, DHCP, Power Shell and associated APIs

  • Strong general knowledge of Active Directory and PKI concepts and implementation standard methodologies

  • Strong practical knowledge of Windows PowerShell and UNIX/Linux command shell commands.

  • Experience implementing risk-based access controls in large scale, enterprise environments

  • Comfortable working with Microsoft .NET, c#, SQL, and/or XML

The Value You Deliver

  • Crafting and coordinating authentication and authorization solutions in multi-forest/multi-domain AD and Lightweight Directory Services (LDS) environments

  • Architecting, designing, and implementing auditing tools and improving monitoring for Directory Services

  • Supervising policy restriction design and Group Policy Objects (GPO), coordinating LDS, and performing Group Policy Management

  • Capturing and analyzing data to provide insight into developing future road map strategy and planning infrastructure migration, redesign, and integration projects

  • Providing technical support and disaster readiness for all Active Directory (AD) applications and systems, including highly available ADFS MIM and Azure AD Connect infrastructure

  • Working across product life cycles to retire technical debt with architecture groups to implement the next generation technology structure.


Company Overview

At Fidelity, we are focused on making our financial expertise broadly accessible and effective in helping people live the lives they want. We are a privately held company that places a high degree of value in creating and nurturing a work environment that attracts the best talent and reflects our commitment to our associates. We are proud of our diverse and inclusive workplace where we respect and value our associates for their unique perspectives and experiences. For information about working at Fidelity, visit

Fidelity Investments is an equal opportunity employer.

 Apply on company website