IAM Engineer - Directory Services (f/d/m)
Apply locations: UK - Manchester, ES - Porriño, UK - Slough - REMOTE
Time type: Full time
Posted on: Posted 30+ Days Ago
Job requisition id: R62558
Today, Lonza is a global leader in life sciences operating across three continents. While we work in science, there’s no magic formula to how we do it. Our greatest scientific solution is talented people working together, devising ideas that help businesses to help people. In exchange, we let our people own their careers. Their ideas, big and small, genuinely improve the world. And that’s the kind of work we want to be part of.
The IAM Engineer for directory services at Lonza, you will be responsible for the design, implementation, and management of Active Directory (AD) and Azure Active Directory (Azure AD) across the organization's global infrastructure. Your role will involve ensuring the security, availability, and scalability of these directory services, which are critical to the company's identity and access management framework. You will work closely with cybersecurity, IT operations, and business units to develop and enforce access control policies, manage user identities, and support seamless integration with both cloud and on-premises applications. Additionally, you will ensure that the directory services align with regulatory requirements such as GDPR and HIPAA, while continuously evaluating and adopting emerging technologies to enhance the organization's security and operational efficiency.
Key Responsibilities:
Design and Implementation of Directory Services: Lead the design, deployment, and management of Active Directory (AD) and Azure Active Directory (Azure AD) environments, ensuring they are secure, scalable, and optimized for performance. Develop and implement policies for directory services that align with organizational security and compliance requirements, including GDPR and HIPAA. Collaboration with IAM Teams: Work closely with other IAM teams responsible for Identity Lifecycle, Privileged Access Management, Certificate Services, Application Lifecycle, Authentication, and Authorization to ensure seamless integration and consistent application of security policies across all identity-related areas. Integration and Automation: Develop and implement automation scripts and tools to streamline directory management tasks, domain provisioning, standardization in the OU structure, and site provisioning & deprovisioning. Ensure seamless integration between AD, Azure AD, and other IAM tools, enabling a unified identity and access management platform. Security and Compliance: Implement and maintain strict security standards within directory services, ensuring that only authorized users have access to critical systems and data. Monitor and audit directory services for compliance with internal and external regulations, identifying and mitigating any security risks. Directory Services Optimization: Continuously evaluate and optimize the performance of directory services, implementing updates and patches as necessary. Lead efforts to migrate or upgrade directory services, ensuring minimal disruption to business operations. Support and Collaboration with Managed Services: Work closely with the IAM Managed Service team, providing them with technical guidance and support for the operational management of AD and Azure AD. Act as a customer concern point for complex directory services issues that cannot be resolved by the Managed Service team. Documentation and Training: Create and maintain comprehensive documentation for directory services architecture, processes, and policies. Deliver training and knowledge transfer to the IAM Managed Service team and other relevant collaborators. Key Requirements:
Technical Expertise in Directory Services: Extensive hands-on experience with Active Directory (AD) and Azure Active Directory (Azure AD) administration, including designing, deploying, and managing these environments in large-scale, global organizations. Proficiency in configuring and managing Group Policies, DNS, DHCP, and other AD-related services. IAM Knowledge: Solid grasp of Identity and Access Management concepts, particularly in relation to directory services, authentication, authorization, and identity lifecycle management. Familiarity with other IAM domains such as Privileged Access Management (PAM), Certificate Services, and SSO/MFA solutions. Security and Compliance Competence: In-depth knowledge of security standard processes related to directory services, including access controls, password policies, and audit logging. Experience ensuring compliance with industry regulations such as GDPR, HIPAA, and other relevant standards. Scripting and Automation Skills: Proficiency in scripting languages such as PowerShell, Python, or similar, to automate directory management tasks and integrate with other IAM tools. Problem-Solving: Strong analytical skills with the ability to diagnose and resolve complex issues related to directory services. Experience acting as a customer concern point for directory services-related issues. Collaboration and Communication: Ability to collaborate effectively with multi-functional teams, including cybersecurity, IT operations, and business units, to achieve shared goals. Good interpersonal skills, with the ability to document and explain technical concepts to both technical and non-technical audiences. Continuous Learning and Adaptability: Commitment to staying ahead of with the latest developments in directory services, IAM technologies, and security practices. This role can be done as remote work with residency in Spain, UK, and Netherlands.
#J-18808-Ljbffr
Design and Implementation of Directory Services: Lead the design, deployment, and management of Active Directory (AD) and Azure Active Directory (Azure AD) environments, ensuring they are secure, scalable, and optimized for performance. Develop and implement policies for directory services that align with organizational security and compliance requirements, including GDPR and HIPAA. Collaboration with IAM Teams: Work closely with other IAM teams responsible for Identity Lifecycle, Privileged Access Management, Certificate Services, Application Lifecycle, Authentication, and Authorization to ensure seamless integration and consistent application of security policies across all identity-related areas. Integration and Automation: Develop and implement automation scripts and tools to streamline directory management tasks, domain provisioning, standardization in the OU structure, and site provisioning & deprovisioning. Ensure seamless integration between AD, Azure AD, and other IAM tools, enabling a unified identity and access management platform. Security and Compliance: Implement and maintain strict security standards within directory services, ensuring that only authorized users have access to critical systems and data. Monitor and audit directory services for compliance with internal and external regulations, identifying and mitigating any security risks. Directory Services Optimization: Continuously evaluate and optimize the performance of directory services, implementing updates and patches as necessary. Lead efforts to migrate or upgrade directory services, ensuring minimal disruption to business operations. Support and Collaboration with Managed Services: Work closely with the IAM Managed Service team, providing them with technical guidance and support for the operational management of AD and Azure AD. Act as a customer concern point for complex directory services issues that cannot be resolved by the Managed Service team. Documentation and Training: Create and maintain comprehensive documentation for directory services architecture, processes, and policies. Deliver training and knowledge transfer to the IAM Managed Service team and other relevant collaborators. Key Requirements:
Technical Expertise in Directory Services: Extensive hands-on experience with Active Directory (AD) and Azure Active Directory (Azure AD) administration, including designing, deploying, and managing these environments in large-scale, global organizations. Proficiency in configuring and managing Group Policies, DNS, DHCP, and other AD-related services. IAM Knowledge: Solid grasp of Identity and Access Management concepts, particularly in relation to directory services, authentication, authorization, and identity lifecycle management. Familiarity with other IAM domains such as Privileged Access Management (PAM), Certificate Services, and SSO/MFA solutions. Security and Compliance Competence: In-depth knowledge of security standard processes related to directory services, including access controls, password policies, and audit logging. Experience ensuring compliance with industry regulations such as GDPR, HIPAA, and other relevant standards. Scripting and Automation Skills: Proficiency in scripting languages such as PowerShell, Python, or similar, to automate directory management tasks and integrate with other IAM tools. Problem-Solving: Strong analytical skills with the ability to diagnose and resolve complex issues related to directory services. Experience acting as a customer concern point for directory services-related issues. Collaboration and Communication: Ability to collaborate effectively with multi-functional teams, including cybersecurity, IT operations, and business units, to achieve shared goals. Good interpersonal skills, with the ability to document and explain technical concepts to both technical and non-technical audiences. Continuous Learning and Adaptability: Commitment to staying ahead of with the latest developments in directory services, IAM technologies, and security practices. This role can be done as remote work with residency in Spain, UK, and Netherlands.
#J-18808-Ljbffr
