Your role in the team
The CSTS Active Directory team safeguards the confidentiality, integrity, and availability of information by mitigating security risks and threats to Allstate.
We help protect Allstate’s information assets to maintain customer and employee trust, enable the business to achieve its objectives, and contribute to shareholder value.
As an Active Directory Data Security Engineer, you will assess risk and design and build security solutions that will protect Allstate against ongoing and potential security threats.
This role requires the ability to synthesize radical ideas, the aptitude to define new security strategies and the tenacity to get the job done globally.
Engineer, deploy and support the corporate Active Directory and Azure Active Directory environments
Define and deploy enhanced protection capabilities for Active Directory including segmentation using Firewall and Active Directory hardening configurations
Consult and provide Active Directory integration guidance for application and platform teams
Mentor and train junior team members with all aspect of Active Directory
Lead the Active Directory and Azure Active Directory roadmaps for the organization and incorporate the corresponding capabilities into the Identity and Access Management strategy
Provide experienced support, analysis, research, and advice into sophisticated Active Directory problems and integrations
Be the Active Directory security ambassador to the partner infrastructure teams
Lead Active Directory lifecycle plans, OS upgrades and hardening activities
Produce and maintain Active Directory architecture documents establishing the operational, system and technical views of the environment
Provide Active Directory critical issue support to L2 / L3 resources and vendors / partners as needed
Participate in rotational on-call duties to provide after-hours support
Act as the single-point-of-contact for Microsoft engagements related to platform reviews, architectural engagements, and critical problem resolution
Experience Knowledge of two factor implementation (Duo, VIP Manager and MS Authenticator)
Advanced knowledge and understanding of MS Active Directory, Organizational Units, and AD Groups
Familiarity with two factor authentications; setup and support
Adhere to strict rules and regulations when following procedures as per company policies and SOX Government / Compliance guidelines
Create and update documentation, policies, and procedures
So, what are the essential criteria to apply?
All candidates must evidence an existing right to work in the UK
5 years or more of experience in Active Directory engineering and Windows Server Engineering and operations.
2 years’ experience of people management
Expert level experience with Windows Server 2016 and 2019 with exposure to Windows Server 2022
Must have extensive knowledge in Azure AD, Conditional Access and Active Directory connect
Hands on experience in Active Directory Schema and Directory partitions
Deep experience managing Azure Active Directory including Azure AD Synch services
Expert level experience in Active Directory Federation.
Excellent project management, organizational, and follow-through skill set
We also have some desirable criteria
Must demonstrate strong interpersonal, written, and verbal communication skills and the ability to collaborate in a team environment.
Must demonstrate strong analytical, critical thinking, problem solving skills with ability to apply new technologies, concepts, & functionality to solve problems and implement solutions.
Strong fundamentals in networking protocols and troubleshooting
Self-starter with proven ability to work independently and within a technical team
Exceptional communication (written and oral) and interpersonal skills
Excellent organizational, multi-tasking, and time-management skills
Adaptive, responsive with can-do attitude and an eagerness to help others
Hours of work
US Hours, Mon-Fri 9-5 CT (Full time only).
Flexibility to meet business needs as required. 
