Beaumont Health System IT Architect in Troy, Michigan

IT Architect - AD Security SpecialistReq #: 30112622 Category: Business Ops Facility: Information Technology Center Department: IT Cyber Security Admin Schedule: Full time Shift: DaysHours: 8:00a - 4:30p M-F Job Details:IT Architect - AD Security SpecialistGENERAL SUMMARY:The IT Architect I - AD Security Specialist provides technical assistance for the maintenance of an Active Directory/Azure environment. A hands-on technical specialist, the position requires the expert knowledge and strong understanding of the architecture and configuration of Microsoft Windows OS technology. This entails knowledge of AD Forests, Domains, Trusts, DNS, DHCP, Group Policy and Organizational Units. The IT Architect - AD Security Specialist will also assist with the technical work to provide and update policies related to the Active Directory platform and adherence of the policy guidelines. The IT Architect - AD Security Specialist will make recommendations for the reporting and logging tools to monitor an Active Directory environment. AD monitoring proactively provides the organization with compliance to HIPAA, HITECH and PCI regulatory requirements. The IT Architect - AD Security Specialist also defines requirements and process flows related to security technology to appropriately manage information security risks for the Beaumont Health System.ESSENTIAL DUTIES:1. Document and communicate procedural practices related to AD service (maintaining and delivering the directory service) and data administrators (maintaining the data stored in the directory service), on domain servers and workstations.2. Develop strategy and operational management of identity and access management functions which includes -Development of delegated administrative roles to support segregation of duties.Administration of privilege management procedures with standardized privilege management tools.Develop and implement password policies for the AD domain and specified organizational units (admin accounts, service accounts, etc.)Design and architect an enterprise global Active Directory infrastructure, including design and implementation of Group Policy via domain consolidation for large scale organizations. Develop and implement procedural practices to maintain user defined AD group policies. Plan and design Group Policy Objects as requested to ensure compliance of company policies for servers and end-point devices.Develop and implement standardized procedural practices for various types of group policy administration.Participation in role-based automated provisioning/de-provisioning with a standardized identity and access management tool.3. Assist with troubleshooting and resolving issues with Active Directory/Azure, GPO, Active Directory Federated Services, and password/identity management systems.4. Assist in management and support of internal and external DNS systems. Assist in management and support of internal DHCP architecture and scoping.5. Work with stakeholders and other technical teams to collect business and technical requirements and design/deliver enterprise level solutions.6. Create and update technical documentation of operating procedures as needed.7. Oversee the architecture and design of the global backup and recovery of Active Directory.8. Follow and apply configuration and security standards and policies within a defined Change Management process.9. Develop and prepare AD security reports by collecting, analyzing, and summarizing data and trends, ad hoc reports for management.10. Develop and lead an Active Directory Steering Committee to ensure the Beaumont AD environment adheres with the associated organizational baseline policy. Lead discussions in business and technical informatio