Identity Security Engineer
The Identity Security Engineer provides technical expertise related to design, management, and security of identity infrastructures across various retail enterprises.
This role is responsible for ensuring strong authentication, access control, and threat mitigation strategies to protect retail operations, corporate environments, customer-facing applications, and cloud environments.
Main Responsibilities:
* Active Directory Architecture & Administration: Design, configure, and maintain Active Directory (AD), Azure AD, and hybrid identity environments to ensure seamless user access and efficient system administration.
* Access Security & Authentication: Implement Multi-Factor Authentication (MFA), Conditional Access, and Single Sign-On (SSO) policies to enhance user experience and minimize security risks.
* Identity Protection & Threat Mitigation: Support the implementation and maintenance of Privileged Access Management (PAM), Just-In-Time (JIT) access, and other security measures to safeguard against unauthorized access and data breaches.
* Zero Trust & Least Privilege Principles: Apply Role-Based Access Control (RBAC) and segmentation strategies to strengthen security posture and ensure that users have only the necessary permissions to perform their tasks.
* Group Policy Management: Develop and enforce Group Policy Object (GPO) policies for authentication, user access, and device security and configuration to maintain a secure and compliant environment.
* Privileged Identity Management (PIM): Implement and monitor privileged access restrictions for IT administrators and executives to prevent unauthorized access and maintain accountability.
* Retail-Specific Security Protocols: Ensure secure access to POS systems, inventory management, and internal corporate applications by implementing robust security protocols and procedures.
* Identity Synchronization & Security Compliance: Manage Azure AD Connect, SAML, OAuth, and align with regulatory requirements such as PCI DSS and GDPR to ensure compliance and data protection.
* PowerShell Automation: Develop automation scripts to support user and device provisioning, access reviews, and policy enforcement to streamline processes and reduce administrative burdens.