email this posting to a friend boston craigslist > north shore > gigs > computer gigs
please flag with care:

miscategorized
prohibited
spam/overpost
best of craigslist

Active Directory LDAP Administrator (Portsmouth NH)

Date: 2009-11-03, 10:54AM EST
Reply to: gigs-f72bx-1449479032@craigslist.org [Errors when replying to ads?]

6 months++++ contract


Description:
PROJECT/POSITION DESCRIPTION: (Identity Management)
we require additional staff capacity to address a number of complex security challenges needing to be addressed. This is the result of long-standing gaps in fundamental Security and Identity Management systems including provisioning and reporting within LDAP, AD and the IDM application suite. We will need 3 FTEs for up to six+ months to gather the data required to close these gaps. This effort must be conducted alongside Bladelogic deployment and independent of next-gen AIM. These work requirements include;

Complete Node Lists with ownership by Market/SBU
All LDAP and AD Groups with ownership and plain English access descriptions
Nested LDAP and AD Groups with ownership and specific accesses
All individual PINs (Administrator and otherwise) added to local nodes independent of Standard Group Provisioning
Listing of all non-administrator Groups which provide Administrator Privs
Separation of all users from Non-Administrator Groups which provide Admin. Privs
Creation and population of Market/SBU-based approval groups
Removal of all non-standard provisioning functionality, with updates to standard build process
Process mapping of all Access, Authentication and Accounting activities
Identification of additional workflow gaps
Implement Detective Control for each Windows server to alert of Admin access changes
Implement data classification system for MR nodes to satisfy IA requirements for additional information during SBU Admin Access reviews
Process and workflow documentation of enhanced Admin Access reviews









REQUIRED SKILLS: (for external use)REQUIRED EXPERIENCE LEVEL:
(BASIC, INTERMEDIATE, SENIOR, EXPERT)YEARS of EXPERIENCE:
LDAP Identity ProvisioningIntermediate3-5
Active Directory Identity ProvisioningIntermediate3-5
Unix Identity ManagementIntermediate3-5
Windows Identity ManagementIntermediate3-5

DESIRED SKILLS: (for external use)REQUIRED EXPERIENCE LEVEL:
(BASIC, INTERMEDIATE, SENIOR, EXPERT)YEARS of EXPERIENCE:
Principle of Least PrivilegeBasic1-2
Windows Group PolicyIntermediate3-5
Unix UID / GID AdminIntermediate3-5


____________________________________________




PostingID: 1449479032