IAM Engineer - OT Directory Services (m/f/d)
Today, Lonza is a global leader in life sciences operating across three continents. While we work in science, there’s no magic formula to how we do it. Our greatest scientific solution is talented people working together, devising ideas that help businesses to help people. In exchange, we let our people own their careers. Their ideas, big and small, genuinely improve the world. And that’s the kind of work we want to be part of.
The IAM Engineer - OT Active Directory role is a critical position responsible for the design, implementation, maintenance, and support of our company's Operational Technology (OT) Active Directory environments. This role will involve managing identity and access management (IAM) processes, ensuring the security and efficiency of OT systems, and providing ongoing monitoring and support to maintain the integrity and availability of these directories. The ideal candidate will have deep expertise in Active Directory management, strong problem-solving skills, and experience in OT environments, with a focus on securing and optimizing directory services to meet both current and future operational needs.
Key responsibilities:
1. Design and Implementation: Develop and deploy Active Directory (AD) architectures specifically tailored for Operational Technology (OT) environments, ensuring they are secure, scalable, and aligned with business requirements.
2. Collaborate closely with IT, OT, and IAM Managed Service teams to integrate AD with existing infrastructure and to facilitate seamless operations across the 24/5 support framework.
3. Maintenance and Oversight: Oversee the IAM Managed Service team's execution of routine maintenance tasks such as patch management, system upgrades, and configuration updates, ensuring adherence to best practices and company standards.
4. Ensure proactive monitoring is in place, reviewing reports and alerts generated by the IAM Managed Service team, and addressing escalated issues that require advanced expertise.
5. 3rd Level Support and Troubleshooting: Serve as the escalation point for complex AD-related issues that require 3rd level support, working alongside the IAM Managed Service team to ensure swift and effective resolution.
6. Provide guidance and direction to the IAM Managed Service team during critical incidents or when troubleshooting advanced technical issues.
7. Security and Compliance: Define and enforce security policies within the AD environments, with a focus on OT security needs, including access controls, authentication mechanisms, and auditing practices.
8. Collaborate with the IAM Managed Service team to ensure that all activities within the AD environments comply with industry standards and regulatory requirements relevant to OT systems.
9. Collaboration and Training: Work closely with cross-functional teams, including cybersecurity, network engineering, and operations, to ensure the AD infrastructure meets all technical and business needs.
10. Provide advanced training and mentorship to the IAM Managed Service team on AD best practices, security protocols, and troubleshooting techniques.
Key requirements:
1. Technical Expertise: Proficient in Active Directory administration, including domain controllers, GPOs, DNS, DHCP, and replication management, with a focus on complex troubleshooting and advanced configurations.
2. In-depth knowledge of IAM concepts and technologies, especially within OT environments, and experience collaborating with managed service teams to maintain and secure AD environments.
3. Expertise in AD security best practices, including the implementation of least privilege, role-based access control (RBAC), and multi-factor authentication (MFA).
4. Experience with OT and IAM Managed Services: Proven experience managing AD within OT environments, understanding the unique challenges and requirements of industrial control systems (ICS) and SCADA systems.
5. Familiarity with coordinating and overseeing IAM Managed Service teams, ensuring their work aligns with the company’s operational goals and security standards.
6. Problem-Solving and Escalation Support: Strong analytical skills with the ability to diagnose and resolve complex AD-related issues escalated to 3rd level support.
7. Experience guiding managed service teams through the troubleshooting process, ensuring a swift and effective response to critical incidents.
8. Collaboration and Communication: Excellent communication skills, with the ability to effectively coordinate with managed service teams, cross-functional technical teams, and non-technical stakeholders.
9. Ability to lead and influence the IAM Managed Service team, providing clear guidance and support during escalations and high-pressure situations.
10. Certifications and Education: Relevant certifications such as Microsoft Certified: Identity and Access Administrator Associate, CISSP, or equivalent, with a strong emphasis on advanced AD and IAM skills.
11. Bachelor’s degree in Computer Science, Information Technology, or a related field is preferred, though equivalent experience, particularly in OT environments, will be considered.
Every day, Lonza’s products and services have a positive impact on millions of people. For us, this is not only a great privilege, but also a great responsibility. How we achieve our business results is just as important as the achievements themselves. At Lonza, we respect and protect our people and our environment. Any success we achieve is no success at all if not achieved ethically.
People come to Lonza for the challenge and creativity of solving complex problems and developing new ideas in life sciences. In return, we offer the satisfaction that comes with improving lives all around the world. The satisfaction that comes with making a meaningful difference.