Archiviertes Projekt - Senior IT Architect Infrastructure Core Services(f/m/d) wanted!
Firmenname für PREMIUM-Mitglieder sichtbar
- Juli 2024
- Dezember 2025
- D-Großraum Berlin
- auf Anfrage
- Remote
- 16.04.2024
- 3642
Projektbeschreibung
For an international customer we are currently looking for a Senior IT Architect Infrastructure Core Services(f/m/d).
Your tasks will be:
• Design a Next-Generation Active Directory Infrastructure with extensive Automation:
• Implement GitOps for version-controlled infrastructure management automation for configuring deployment Consider strict RBAC approaches.
• Ensure comprehensive OS/SW-patching- and auto-image-update mechanisms.
• Design Identity Management Solutions with Secure Authentication Protocols
• Design adaptive authentication standards to enhance security and user experience.
• Conceptualize a PKI Ecosystem with Secure Key Management and GitOps Integration:
• Develop automated processes for credential rotation and cryptographic key management to enhance security posture.
• Integrate key management with GitOps workflows to automate certificate lifecycle management and ensure compliance.
• Conceptualize the Enforcement of Zero Trust Security Principles
Following Know-how is required:
• Proficient in Microsoft Active Directory (AD) design, deployment, and management, including expertise in complex forest and domain architectures, multi-site replication, and group policy management, defining granular permissions based on user roles, groups, and organizational hierarchy, ensuring least privilege access and regulatory compliance. Further extensive knowledge in rollout-, update- and patching-methods.
• Extensive knowledge of Public Key Infrastructure (PKI) implementation, including certificate authority (CA) design, certificate lifecycle management, and secure (auto) key distribution mechanisms.
• Deep understanding of Identity Management concepts and solutions, encompassing user provisioning, authentication, authorization, and single sign-on (SSO) across diverse enterprise environments.
• Expertise in developing and enforcing robust password(less) policies and secure authentication mechanisms, including multi-factor authentication (MFA), smart card authentication, biometric authentication as well as the rotation of sensitive credentials and cryptographic keys.
• Skilled in designing and implementing secure identity federation protocols like OAuth, OpenID Connect, and SAML, enabling seamless authentication and authorization across heterogeneous systems and applications.
• Strong expertise in operational management practices via GitOps methodologies, utilizing version control systems like Github for infrastructure as code (IaC) management, automated deployment, and configuration drift management. Skilled in Ansible-based Windows management within a fully automated AD environment, utilizing Ansible playbooks for automated configuration management, orchestration, and compliance enforcement across Windows servers and applications.
• Skilled in implementing multi-security-zoning principles for network and system architecture design, enforcing segmentation and isolation of critical assets and sensitive data, enhancing resilience against cyber threats and ensuring regulatory compliance by appropriate concepts of firewalling, loadbalancing, APM and ASM
Order Type: contract
Location: remote
Start: July 2024
volume: 1-2 days per week = 50-100 days per annum
2024: ca. 36
2025: ca. 66
Duration: end of 2025 (with option of contract extension)
If you are interested, please let us know your day rate and your availability. We are looking forward to your application in an MS-Word-readable format quoting the reference-number 3642.
Your tasks will be:
• Design a Next-Generation Active Directory Infrastructure with extensive Automation:
• Implement GitOps for version-controlled infrastructure management automation for configuring deployment Consider strict RBAC approaches.
• Ensure comprehensive OS/SW-patching- and auto-image-update mechanisms.
• Design Identity Management Solutions with Secure Authentication Protocols
• Design adaptive authentication standards to enhance security and user experience.
• Conceptualize a PKI Ecosystem with Secure Key Management and GitOps Integration:
• Develop automated processes for credential rotation and cryptographic key management to enhance security posture.
• Integrate key management with GitOps workflows to automate certificate lifecycle management and ensure compliance.
• Conceptualize the Enforcement of Zero Trust Security Principles
Following Know-how is required:
• Proficient in Microsoft Active Directory (AD) design, deployment, and management, including expertise in complex forest and domain architectures, multi-site replication, and group policy management, defining granular permissions based on user roles, groups, and organizational hierarchy, ensuring least privilege access and regulatory compliance. Further extensive knowledge in rollout-, update- and patching-methods.
• Extensive knowledge of Public Key Infrastructure (PKI) implementation, including certificate authority (CA) design, certificate lifecycle management, and secure (auto) key distribution mechanisms.
• Deep understanding of Identity Management concepts and solutions, encompassing user provisioning, authentication, authorization, and single sign-on (SSO) across diverse enterprise environments.
• Expertise in developing and enforcing robust password(less) policies and secure authentication mechanisms, including multi-factor authentication (MFA), smart card authentication, biometric authentication as well as the rotation of sensitive credentials and cryptographic keys.
• Skilled in designing and implementing secure identity federation protocols like OAuth, OpenID Connect, and SAML, enabling seamless authentication and authorization across heterogeneous systems and applications.
• Strong expertise in operational management practices via GitOps methodologies, utilizing version control systems like Github for infrastructure as code (IaC) management, automated deployment, and configuration drift management. Skilled in Ansible-based Windows management within a fully automated AD environment, utilizing Ansible playbooks for automated configuration management, orchestration, and compliance enforcement across Windows servers and applications.
• Skilled in implementing multi-security-zoning principles for network and system architecture design, enforcing segmentation and isolation of critical assets and sensitive data, enhancing resilience against cyber threats and ensuring regulatory compliance by appropriate concepts of firewalling, loadbalancing, APM and ASM
Order Type: contract
Location: remote
Start: July 2024
volume: 1-2 days per week = 50-100 days per annum
2024: ca. 36
2025: ca. 66
Duration: end of 2025 (with option of contract extension)
If you are interested, please let us know your day rate and your availability. We are looking forward to your application in an MS-Word-readable format quoting the reference-number 3642.
Kontaktdaten
Als registriertes Mitglied von freelance.de können Sie sich direkt auf dieses Projekt bewerben.
Kategorien und Skills
Sie suchen Freelancer?
Schreiben Sie Ihr Projekt aus und erhalten Sie noch heute passende Angebote.
Jetzt Projekt erstellen