Mandiant seeks an Active Directory (AD) architect with a strong focus related to securing, hardening, and mitigating common weaknesses found in both on-premises AD and cloud-based (Azure AD) infrastructure. Candidates will possess strong technical skills and an eagerness to apply their Active Directory, network architecture, identity, security hardening, and cloud security skillsets to assist clients in improving their security posture – as well as implementing containment and remediation actions during incident response engagements. Our consultants must be comfortable working in teams to tackle challenging projects, communicate with clients, provide hands-on assistance with hardening and security best-practices, and create and present high-quality deliverables.
- Lead, coordinate, and conduct both on-premises Active Directory security assessments and cloud-based security assessments focused in Microsoft Azure.
- Assist clients with designing and implementing architecture enhancements and security configuration modifications to defend against identified threats and attacker techniques.
- Provide subject-matter expertise with Active Directory identity protection best-practices, synchronization, and hybrid infrastructures.
- Help clients review and assess Active Directory integration and hardening with virtualization infrastructure and platforms.
- Create and document detailed guides and tracking documents – for clients to leverage as part of Active Directory hardening and overall infrastructure enhancements.
- Recommend and document specific countermeasures and mitigating controls based upon identified gaps and weaknesses.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Effectively communicate strategies and roadmap initiatives to client stakeholders including technical staff, executive leadership, and legal counsel.
- Work with sales and regional leadership teams to scope engagements, align resourcing, and ensure the successful execution of Mandiant consulting services.
- The successful candidate will have 5+ years of information security experience, focused within Active Directory and infrastructure environments, and additionally be able to demonstrate a strong proficiency in three or more of the following areas:
- Prior experience as a lead system administrator or network engineer in a large enterprise environment.
- Thorough understanding of enterprise security controls in Microsoft Active Directory environments – including scalable architectures and risk reduction strategies.
- Thorough understanding of Azure Active Directory and technologies to bridge the gap between on-premises and cloud identity stores.
- Identity management best practices – including identifying, managing, and securing privileged identities.
- Expertise with practical and scalable security controls that can contain and harden both on-premises and cloud-based environments.
- Understanding of enterprise networking and knowledge of network segmentation strategies.
- Implementation and management for both network and host-based firewall configurations.
- Implementation of logging configurations for network devices, endpoints (Windows / Unix), and cloud-based infrastructures.
- PowerShell and/or Python scripting proficiency.
- Communication to both technical and non-technical audiences.
- Strong collaboration with both internal and external stakeholders.