Senior Systems Engineer, Active Directory
Blizzard Entertainment’s Information Systems team is looking for an experienced and talented Senior Active Directory Engineer to join our Collaboration, Identity, and Auth team. The CIA team is responsible for the infrastructure which supports on-prem and cloud authentication, identity management, and collaboration with productivity suites like Office 365. The ideal candidate is experienced in designing, deploying, operating, and troubleshooting centralized and cloud-based IT infrastructures which form the cornerstone of user authentication and authorization (including AD and AzureAD).
If you dream about optimized OUs and delegations, spent a week getting your end-to-end replication time down to a couple minutes, and converted all your service accounts to GMSAs, then we want to hear from you! This role will focus on enterprise-level Active Directory engineering, including but not limited to; deploying a new AD forest to enable broader auth across multiple business units, structuring trust relationships between new and existing forests, redesigning AzureAD and AzureAD Connect, incorporating a new ESAE forest to better-protect sensitive accounts, and moving all services toward infrastructure as code for improved automation and consistency.
This individual is ideally a self-starter who watches for every area of improvement and proactively drives new solutions to stay ahead the company’s needs. Working directly with Project Management and other IT teams, this role will guide decisions which shape our services for years to come. This role also works directly with our Security team to review proposed configurations before implementing, and to address any issues with existing infrastructure.
- Design and deploy new Active Directory solutions and services across the enterprise.
- Design and implement new AD topologies and trusts to enable work across forests in the enterprise.
- Leverage PowerShell to standardize and automate common tasks.
- Drive secure services toward Infrastructure as Code using tools like Powershell DSC.
- Provide guidance to AD integration teams and other administrators from across the business.
- Monitor service health and improve monitoring toolkits for better service insight and alerting.
- Create documentation such as Standard Operating Procedures, Knowledge Base articles, and Troubleshooting Guides which promote user and administrator self-service.
- Support our Active Directory and Azure AD infrastructure during business hours and in an on-call rotation.
- Support legacy auth configurations such as LDAP and ADFS
- 5 years’ experience designing, deploying, and managing Active Directory.
- 5 years’ experience using Powershell for automation of system and user management.
- 5 years’ experience engineering new enterprise solutions from requirements gathering through implementation, documentation, and operational handoff.
- 5 years’ experience designing, deploying, and managing MS Group Policy Objects.
- 2 years’ experience designing and managing AzureAD and Azure AD Connect
- Advanced knowledge of computer security systems, applications, procedures, and techniques.
- Strong interpersonal and communication skills.
Bonus Points For
- Bachelor's or Master’s Degree in Information Technology or related field, or equivalent experience.
- Relevant Microsoft Certifications
- Experience with tools like Recovery Manager for AD and GPOADmin
- Experience deploying and managing Public Key Infrastructure (PKI) services.
- Familiarity with implementing Zero Trust in an enterprise environment
- Virtualization experience with VMware and Hyper-V
- Understanding of ITIL framework.
- Love for video games and other geeky stuff.
COVID-19 Hiring Update:
We’ve transitioned to a work-from-home model and we’re continuing to interview and hire during this time. This role is expected to begin as a remote position. We understand each person’s circumstances may be unique and will work with you to explore possible interim options.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.