Senior System Engineer (Active Directory & IAM)

Company Overview

Our client, a leading MNC company, is looking for a Senior System Engineer (Active Directory & IAM) to support their expanding IT Team in the daily IT operation. This is a new position with potential growth opportunities in the future.

Responsibilities

• Provide Tier 2/3 technical support for Active Directory (AD) environments.
• Troubleshoot and resolve user authentication and group policy issues.
• Manage user accounts, groups, and permissions within Active Directory.
• Ensure the security, integrity, and availability of the Active Directory infrastructure.
• Perform regular maintenance tasks, including backups and system updates.
• Conduct health checks on domain controllers and replication status.
• Create and maintain documentation for configurations and procedures.
• Participate in Active Directory upgrades and migration projects.
• Provide training and support to IT staff and end-users.
• Collaborate with network and system administrators for integration.
• Stay updated on Active Directory features and best practices.
• Recommend improvements for AD processes and architectures.
• Administer and manage Identity and Access Management (IAM) systems, ensuring secure and efficient access to applications, systems, and data.
• Implement and manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other identity security solutions.
• Monitor and audit access rights, permissions, and privileged accounts to ensure compliance with security policies and regulatory requirements.
• Support lifecycle management of user identities, including provisioning, de-provisioning, and role-based access control (RBAC).
• Respond to and remediate IAM-related security incidents, including unauthorized access attempts and privilege escalations.
• Lead efforts to integrate IAM solutions with on-premises and cloud services (e.g., Azure AD, AWS IAM).
• Analyze and streamline access request processes for improved efficiency and user experience

Requirements

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
• Strong understanding of Active Directory architecture and components.
• Experience with Windows Server environments and Group Policy Management.
• Experience implementing and managing IAM solutions (e.g., Azure AD, Okta, Ping Identity, AWS IAM, or similar).
• Experience with hybrid identity environments (on-prem AD integrated with Azure AD or other cloud IAM solutions).Strong analytical, problem-solving, and presentation skills
• Microsoft certificate e.g., Azure Administrator, Identity and Access Administrator
• Knowledge of Zero Trust principles and their application in identity security
• Excellent communication and interpersonal skills to collaborate with cross-functional teams
• Proficiency in both written and spoken English and Chinese, including Mandarin

The company has great reputation and offers a permanent position to the suitable candidate. Interested candidate please share your CV to l.looi@tenthrevolution.com or contact to +85230180385.