ExxonMobil Veterans

Job Information

ExxonMobil Senior Active Directory & PKI Engineer in Spring, Texas

Job Role Summary

The Active Directory & PKI team is looking for a new member to join us in Spring, TX. In this role, you will work with a product team to help deliver best in class Active Directory Support, Azure AD Support, automation using PowerShell, Public Key Infrastructure and Hardware Security Module (HSM) support, AD Rights Management Service and Active Directory Federation Services, VMWare, and engineering support for ExxonMobil.

As a member of the team, you will also collaborate with application developers, business customers, project managers, and other infrastructure teams. This roles requires on-call support. The ideal candidate should have a strong understanding of authentication protocols (e.g. NTLM and especially Kerberos including SPNs, delegation, keytabs, etc.), and be able to troubleshoot any issues related to authentication.

Job Role Responsibilities

  • Contribute in architecting complex AD solutions and deliver on time

  • Support AD Servers (i.e. for AD Domain Services, AD Certificate Services, AD Federations Services, & AD Rights Management Services), server hardware, and virtual machines that are hosting Active Directory core and adjacent services (i.e. includes both the VMWare hosts dedicated for AD services and the virtual machines hosted on the platform)

  • Support Active Directory forests/domains and their Domain Controllers for multiple environments that are hosted on premise and in the cloud (i.e. in both Azure and AWS)

  • Develop automation using modern configuration management tools

  • Automation of DC deployment and activities using Azure Automation (i.e. we use Azure automation services to automate both on premise and in the cloud)

  • Use PowerShell for managing AD, creating scripts, writing automation code, and much more!

  • Use Quest GPO Admin for managing AD Group Policy Objects

  • Employ Infrastructure as code mindset through the full infrastructure lifecycle

  • Participate in the team’s on-call support rotation and frequent troubleshooting calls

  • Maintain system integrity/availability and controls for AD/PKI core services

  • Recover AD/PKI core and adjacent services from unplanned outages as well as define, plan, and implement changes on required infrastructure environment

  • Build and support completely new AD forests and domains

  • Provide end-to-end support for customers and acting as an escalation point for other teams and/or organizations that depend on services provided

  • Develop and maintain technical and troubleshooting skills

  • Use Agile methodologies to quickly adapt to changes in requirements

  • Identify new ways of solving problems that increase efficiency

Expected Level of Proficiency

  • Bachelor's degree in computer science or a related field

  • Extensive knowledge of Windows Server, Azure, AWS, VMware, and Dell Servers

  • Strong PowerShell skills

  • Demonstrable experience in installing, configuring, monitoring and / or maintaining:

  • Windows Servers

  • Active directory related services (Ex: ADDS, ADCS, ADRMS)

  • ESXi

  • Working knowledge of software development practices include

  • Source control repositories

  • API management

  • Testing

  • CI\CD

  • Familiarity with Python, JSON, ARM Templates, and Cloud formation templates

  • Interest in DevOps and in how the entire IT process can be improved

Preferred Knowledge/Skills/Abilities:

  • Must speak, read and write English fluently.

  • Able to articulate technical issues to a non-technical audience.

  • Able to refine requirements from business end users, update technical design specification documentation.

  • Technical Analysis & Problem solving skills.

  • Act as a mentor for inexperienced Active Directory Engineers

ExxonMobil is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, citizenship status, protected veteran status, genetic information, or physical or mental disability.