You are viewing a preview of this job. Log in or register to view more details about this job.

Identity and Access Management Engineer

Hillsborough County Government
Email
Job Overview

Performs all aspects of Microsoft Active Directory User, Group, and Identity Administration within an Enterprise Network in accordance with industry best practices and established enterprise policies and procedures. Supervises and mentors subordinate Identity and Access Management Administrators. Performs duties while maintaining a high level of professionalism with a focus on Customer Service.
Salary: UNCLPR.2
Min: $71,593.60
Mid: $94,868.80
Max: $118,123.20
Ideal Candidate
The ideal candidate will have a Bachelor’s degree from an accredited college or university with a major in Information Technology / MIS or a related engineering field and four years of experience implementing, troubleshooting and supporting enterprise Identity Management Systems such as Microsoft Active Directory. Must have extensive experience managing user identities in an Enterprise environment. Ideal Candidate will show proficiency in the following disciplines:
  • Four years’ experience performing user and group account creations, deletions, renames, moves and other modifications in a Microsoft Active Directory environment is required.
  • Four years’ experience performing user mailbox and distribution group creations, deletions, renames and other modifications in a Microsoft Exchange and/or Exchange Online environment is required.
  • Four Years’ Experience creating, managing and modifying Active Directory Organizational Units and managing file permissions / rights on file servers is required.
  • Two years’ experience with managing users, groups and Exchange identities using Microsoft Powershell and/or Exchange Management Shell is required.
  • Two years’ experience with creating, managing, modifying and linking Group Policy Objects is required.
  • Two years’ experience deploying, managing and troubleshooting Windows Servers and Hyper-V. Proficiency with Windows Server 2016, 2019 and 2022 is preferred.
  • Two years’ experience managing / leading Information Technology Projects as a Team Lead, Subject Matter Lead/Expert or as a Project Manager is preferred.
Duties and Responsibilities
Note: The following duties are illustrative and not exhaustive. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position. Depending on assigned area of responsibility, incumbents in the position may perform one or more of the activities described below.
  • Performs complex tasks related to End User Account and Identity Management in a Microsoft Active Directory (AD) and Microsoft Azure AD (AAD) environment. Includes AD/AAD Account and Organizational Unit (OU) creation, deletion, renames, moves and reorganization to meet the changing needs of the Organization.
  • Performs AD, AAD and Exchange user account management functions. Creates, deletes, renames or transfers user and email accounts and manage access control based on industry best practices and enterprise policies and procedures.
  • Provides Tier 2 and Tier 3 technical support for complex escalated issues in supporting multiple identity management platforms (AD, AAD, Exchange, etc.).
  • Develops, edits, and presents technical designs, network diagrams, project plans and other technical reports. Creates management level reports on AD and AAD User, Group and Exchange mailbox metrics.
  • Performs all aspects of Microsoft Exhange and Exchange Online mailbox management. Includes mailbox creation, moves, renames, deletions, permissions/rights assignments, account modifications, and license management. Includes performing eDiscovery searches in accordance with Florida Public Records/Sunshine Law Florida Statutes Chapter 119.
  • Performs as Supervisor to subordinate Identity and Access Management Administrators engaged in AD and Exchange Identity Management tasks. Provides mentoring and training to peers and subordinates.
  • Creates, modifies, and maintains AD and AAD group membership using best practices including Role Based Access Control (RBAC).
  • Creates, deletes, modifies, links and maintains AD group policy objects (GPO) according to industry best practices and enterprise policies and procedures.
  • Performs network server builds installing multi-platform operating systems and applications and deploying through automation. 
  • Performs configuration, optimizing, monitoring, and system backups for enterprise network servers, storage systems, backup systems, personal computers, peripherals, and end user devices.
  • Performs project management duties on complex technology projects in accordance with established project management methodology. Act as team technical liaison for externally managed technology projects originating from the enterprise project management office as well as other departments. 
  • Provides project management mentoring for subordinate Identity and Access Management Administrators.
  • Performs remedial troubleshooting for hardware and software systems, preventative maintenance, patching and upgrades for enterprise network servers, storage systems, backup systems, personal computers, peripherals, and end user devices.
  • Performs other related duties as assigned.
Nature of Work
  • Sedentary Work: Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull, or otherwise move objects, including the human body.
Working Conditions
  • Work is performed in a standard, climate-controlled office environments.
Physical Efforts
  • Requires speaking, vision, hearing, sitting, and standing.
  • Requires the use of office machinery including, but not limited to, personal computers, smart phones, tablets, calculators, multi-function devices.
Minimum Qualifications
  • Bachelor's degree from an accredited college or university with a major in information technology or related field; and
  • Four (4) years of experience managing enterprise identities in a Microsoft Active Directory and Microsoft Azure Active Directory environment and experience managing complex enterprise technology projects in accordance with established project management methodology; or
  • An equivalent combination of education, training, and experience that would reasonably be expected to provide the job-related competencies noted.
Preferred Qualifications
  • Microsoft Certified Identity and Access Administrator Associate
  • Microsoft Certified Systems Engineer (MCSE)
  • Microsoft Certified Systems Associate (MCSA)
Job-Specific Competencies
  • Proficiency with Microsoft Active Directory (AD) and Microsoft Azure Active Directory (AAD) in regard to all aspects of User, Group, and Organizational Unit (OU) management including account creation, moves, renames, deletions, and license management.
  • Proficiency with Microsoft Exchange and Exchange Online in regard to all aspects of User Management, including Mailbox, Contacts and Distribution Group creation, moves, renames, deletions, and license management.
  • Proficiency with Microsoft PowerShell, specifically with the Microsoft AD, AAD, Microsoft Online, Microsoft Exchange and Exchange Online PowerShell modules.
  • Considerable knowledge of assigning rights and privileges to AD accounts, groups, exchange mailboxes, OUT's and File Shares based on industry best practices and utilizing Role Based Access Control (RBAC).
  • Ability to develop, edit, and present technical designs, network diagrams, project plans, and other technical reports. Create management level reports on AD and AAD and Exchange User, Group and Mailbox metrics.
  • Ability to perform eDiscovery searches on all aspects of the Azure, Exchange Online, SharePoint Online, OneDrive and Microsoft 365 Online environments through the Microsoft Security and Compliance Center and Microsoft Purview.
  • Ability to organize, prioritize, and manage multiple projects, tasks, and time to meet delivery dates.
  • Ability to develop, edit, and present technical designs, network diagrams, project plans, and other technical reports.
  • Ability to work professionally and effectively with others while being a role model to peers and subordinate positions and providing superior customer service to customers.
  • Ability to communicate effectively both written and orally to end users, vendors, management and peers.
  • Ability to supervise, train and mentor subordinate Identity and Access Management Administrators while maintaining a professional working relationship with peers.
  • Critical Thinking: Ability to use considerable initiative, think independently, and exercise sound judgment and discretion.
  • Decision Making: Ability to collect, organize and evaluate data to make logical decisions.
  • Communication: Ability to influence, persuade and negotiate with others to make decisions of significant consequence.
  • Strategic Planning: Ability to envision a desired future and translate that vision to establish business plans, including objectives, goals and measurable outcomes that align strategically.
  • Managerial/Operational Skills:  Ability to set strategies, policies, procedures, standards and practices. Skill to provide ongoing and constructive feedback to others. Ability to communicate organizational and departmental vision to others.
  • Leadership: Demonstrates concern for excellence and organizational awareness. Ability to motivate others to succeed and to deliver excellent customer service, by providing training and team building. Ability to be innovative.
  • Analytical Ability: Ability to troubleshoot complex technical issues and devices and implement resolutions.
  • Managing Complexity: Ability to manage multiple disciplines of technology in a large and complex enterprise level network.