Senior Engineer, Identity and Directory Services - Singapore - SINGAPORE TELECOMMUNICATIONS LIMITED

SINGAPORE TELECOMMUNICATIONS LIMITED

Verified Company

Singapore

2 weeks ago

Posted by:

Wei Jie

beBee Recruiter

Description

The Senior Engineer will be responsible to transform and modernise Enterprise IT Workplace Services, with primary focus in Singtel's corporate Active Directory and Public Key Infrastructure Services.

To implement, modernize and manage the Active Directory and PKI infrastructure and strengthen the foundation for holistic user identity management on the corporate network.

He/She will interface with other architectural and security teams to ensure these services are integrated with overall enterprise infrastructure architecture.

He/She works closely with Application teams, Infrastructure team by having a close alignment with the Identity Solution Architect.

Implement tasks and activities to modernise and produce enterpriselevel Microsoft Active Directory architecture, sites & replication, trust relationships, administrative management, global system security, policy configuration (GPOs), and PKI implementation.
Implement AD authentication integration for user SSO (single signon) using ADFS, SAML, OAUTH, LDAPS, Kerberos, etc and MFA support (MS Authenticator, SilverFort, etc).
Plan and implement privileged access management in Azure AD admin roles.
Implement Azure Active Directory services (authentication, authorization and Conditional Access) for Singtel hybrid multicloud environment, i.e. Azure Landing Zone.
Setup and continuously improve AD related services governance framework.
Drive automation initiatives together with Identity Solution Architect on AD to increase efficiency of operations team and to detect abnormal behaviour of the systems.
Provide expert advisories to operations team for continuous improvements in effectiveness of service monitoring, securitycompliance, integrity, and availability of AD Services.
Lead the BAU Operations team to improve existing processes through solutions to recurring problems and enhancements to existing solutions or documentation.
Ensure Active Directory and PKI services are complied with Singtel policies, standards and operational guidelines.
Provide guidance, training & advice to operations team to drive operational excellence
Support Audit topics related to AD, PKI and MFA services with evidence as and when required.

**Requirements: - At least 8 years of experience in designing and implementing Microsoft Identity technologies including Active Directory, CA-PKI, and Group Policies for large enterprises with more than 10,000 users.

Sound knowledge in administering Active Directory (AD) and GPO's, ADFS, PKI technologies.
Expert knowledge of DNS, DHCP, WINS, DFS, Microsoft enterprise technology.
Must have deep and thorough understanding of monitoring best practices, and compliance to best practices for security and operations.
Develops architecture documents and standards for ADrelated areas
Knowledge of server virtualization technologies, preferably VMware and/or Microsoft technologies
Expert in operating PKI infrastructure, handling AD and PKI migration
Expert in Azure AD roles, conditional access policies, B2B trust setup, B2C trust setup.
Expert in handling business counterparts and simplify the requirements to technical solutions.
Expert in leading BAU operation teams.