Security Engineer Active Directory at Standard Bank Group

Job Description

Directory Services Operations

• Administer and secure Microsoft Active Directory environments across multiple domains and forests.
• Manage Azure Active Directory, including synchronization with on-prem AD, Conditional Access, and identity protection features.
• Support and enforce Group Policy Objects (GPOs), DNS, DHCP, and AD replication health.
• Troubleshoot and resolve authentication, access, and directory-related issues.

Security & Compliance

• Implement and maintain security controls aligned to best practices and internal standards (e.g.Least Privilege, Tiering Models, Admin Boundaries).
• Manage privileged access using tools like Quest One/Privileged Management Suite, or similar.
• Participate in audits, respond to compliance requirements, and provide documentation as required.
• Monitor and report on directory service health, unauthorized changes, and security incidents.

Cloud & Hybrid Identity

• Support Azure AD Connect, SSO, and federation services (e.g., Azure Application Proxy or third-party providers)
• Configure and maintain Conditional Access, Identity Protection, and Application Proxy.
• Work closely with cloud and security teams to enable secure access to cloud workloads and SaaS apps.
• Support Active Directory Cloud environments for various regions in AWS.

Project Delivery

• Contribute to or lead Active Directory and IAM-related projects, including domain migrations, M&A integration, and automation efforts.
• Assist in deploying modern identity governance solutions and Zero Trust initiatives.
• Participate in cross-functional initiatives involving AD security, network segmentation, or endpoint hardening.

Operational Excellence

• Maintain runbooks and operational documentation for AD tasks.
• Handle Remedy (or ITSM platform) request queues and incident resolution within SLA.
• Provide technical mentorship to junior staff and peer support across teams.

Experience

• Minimum 5–7 years’ experience in an enterprise AD environment.
• Demonstrated track record of securing and maintaining identity infrastructure in large or
• regulated environments.
• Experience with incident response and audit preparation related to identity and access.

Soft Skills

• Clear communicator with strong documentation habits.
• Security-first mindset with a good sense of risk vs. practicality.
• Comfortable working in cross-functional teams and supporting business stakeholders.
• Proactive, detail-oriented, and able to work under pressure.

Preferred Certifications

• Bachelors Degree in Computer Science (advantageous)
• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• Microsoft Certified: Azure Security Engineer Associate
• CompTIA Security+, CISSP, or equivalent a plus
• MCSE or Equivalent