Consumers Energy Sr Active Directory Engineer(Remote Opportunity) in Multiple Locations, Michigan
Join a diverse and dynamic team that makes and delivers the most valuable services in the world: electricity and natural gas. At Consumers Energy, our customers are at the heart of everything we do. Our employees work around the clock to provide service to our customers in honor of our history and to fulfill our promise to Michigan - Count on Us! Consumers Energy, the principal subsidiary of CMS Energy and headquartered in Jackson, Michigan, provides natural gas and electricity to nearly 6.8 million of Michigan's 10 million residents in all 68 Lower Peninsula counties.
The Directory Services Team (DST) within the IT department at Consumers Energy is responsible for architecting, upgrading and maintaining Microsoft Active Directory and related technologies such as Public Key Infrastructure (PKI), Single Sign-On (SSO), IPAM and HSMs. The team also works with other IT and business teams to conceptualize and design detailed solutions for specific projects enabling the organization to meet business objectives. With an emphasis on infrastructure, the team provides technical leadership to ensure technical designs and implementations are aligned with business requirements.
The Active Directory Engineer is responsible for architecting, upgrading and maintaining Active Directory and related technologies such as PKI, SSO, IPAM and HSMs. Working as part of a team, the Active Directory Engineer will work individually and collectively to resolve IT issues including system failures. Additionally, the Active Directory engineer will ensure compliance of technology solutions with architectural standards and participation in the full development life cycle of Directory Services projects.
Key Responsibilities include:
Extensive knowledge in all aspects of Active Directory related tasks and activities including management of Domain Controllers
Supporting, managing and implementing Microsoft Active Directory Federation Services (ADFS) as well as Azure Cloud Services
Rotating on call 24/7 support role
Design, develop and deliver automated services based on Azure Active Directory
Collaborate to define best practices and standards around Azure AD
Evaluate requirements and design solutions based on Azure Active Directory platforms
Participate in the evaluation of existing Active Directory Infrastructure, including application of best practices
Partner with business analysts, systems analysts and engineers in gathering and reviewing DST requirements
Collaborate with application and infrastructure teams to understand scope and requirements
Design DST solution architecture for complex, large-scale enterprise, integrating new systems and applications
Develop prototypes of the system design and work with database, operations, technical support and other IT areas as appropriate throughout development and implementation processes
Establish and communicate technical standards
Contribute to the evaluation and determination of software tools and operational feasibility of DST solutions
Align with Business Technology Partners in developing business processes for access request, provisioning, access review, user authentication & authorization
Ensure the quality of deliverables across multiple projects in terms of supporting requirements analysis and the technical architecture
Work with other architects’, Project Management Office and Change Management to ensure integrations are appropriately prioritized and support the business and IT strategic plan
Support the evolution of the DST program by implementing and leading integration processes, framework and activities
Work with business partners to implement single sign-on authentication solutions (SAML 2.0 or OIDC) for “Software as a Service” (SaaS) application integrations
Serve as a fully seasoned/proficient senior technical resource; provide subject matter knowledge and capabilities as team member and individual contributor
5+ years IT experience working in an enterprise environment
5 years of experience with Active Directory architecture and infrastructure
Expert level knowledge with supporting, managing and implementing Microsoft Active Directory with multiple Domains
Extensive (5+ years) experience working with the design and implementation of resilient, high-performing infrastructure with a focus on Active Directory solutions in a heterogeneous vendor environment, including:
Identity lifecycle management
Privileged Account Management
Authentication, Authorization & Single Sign-On (SSO)
Public Key Infrastructure (PKI)
Group Policy Management
Experience with security protocols (LDAP, SAML, SPML, XACML, WS-Security, WS-Federation, OIDC, etc).
Experience in working with business stakeholders outside of IT for business process assessment, analysis and design
Strong scripting skills in Power Shell, VBS, etc.
Strong technical skills in Active Directory
Certifications highly desirable (MCSE Certified - Core Infrastructure)
Strong interpersonal and communication skills with the ability to communicate with all levels in the organization
Broad knowledge and experience in Information Security
Proven ability to work effectively in a team setting as well as independently with minimal guidance
Excellent planning and organizational skills with an ability to understand the long-term ("big picture")
The following skills and experience will set you apart from others:
A bachelor's degree in Computer Engineering, Computer Science, Information Systems or other IT-related area
Masters or other advanced degree, ideally in an IT or Business field
Energy industry background that includes a working knowledge of effectively mapping technology to business challenges
Strong technical knowledge of Quest AD tools
Technical knowledge in SAP and experience in integrating DST solutions with SAP
10+ years IT experience with 5+ years architecting and deploying enterprise level technology projects for large companies
2+ years hands-on experience with Azure and Azure AD services
2+ years of experience focused on cloud environments (Azure/Azure Active Directory)
The IT Technical Job Family is utilized in Information Technology. Typically employees in this job family are required to design or maintain technology systems, to utilize various computer software programs, and to design, develop and/or provide advice and counsel on the operation of equipment, processes and procedures. They are responsible for ensuring adherence to laws and regulations applicable to Company employees. This job family includes Application Development, Infrastructure, Information Security, and Architecture.
Nature of Work
Duties can include network management, software development and database administration. May also provide technical support to a business or an organization's employees and train non-technical workers on the business' information systems. May design systems and assess the effectiveness of technology resources already in use or new systems that are being implemented. Determines the practicality of changes and modification of systems. Works with external partners, including consultants, agencies and vendors, to arrive at the most appropriate system or integration of multiple systems. With information technology constantly changing, must stay up-to-date on emerging technologies and the potential effectiveness of these advancements in their current system.
Works closely with department managers and users to define and analyze business and operational problems, process improvement opportunities and requirements; analyzes operational and business mandates and legal requirements; identifies and analyzes complex, ambiguous and/or conflicting business process issues; advises department managers on applications development, enhancement and maintenance issues; explains technology and process options and assists managers in analysis and decision making; analyzes management information needs and recommends data and reporting processes; coordinates the development of department priorities and works within IT to align initiatives to these priorities; facilitates user meetings and joint development sessions. Develops and refines business models and relationship diagrams; evaluates methods of improving efficiency and cost effectiveness of business, technical and operational processes; works with users to reengineer work processes; analyzes functional business requirements and translates user expectations into detailed business requirements, specifications and success criteria; works with Information Systems to develop conceptual proposals for business process automation initiatives; recommends work process and/or operational changes to complement system functionalities; serves as an advocate for department needs with IT; stays abreast of developments in departmental processes to anticipate emerging technology needs. Participates in the development of statements of work for RFPs/RFIs; participates in evaluating vendor applications and solutions; coordinates department review of vendor deliverables for accuracy and completeness, ensuring that department needs and requirements have been met. Develops significant application/hardware solutions to problems and addresses change request issues that require assignment of resources. Analyzes and troubleshoots complex and sometimes urgent applications problems and errors; takes action or communicates solutions to problems; answers technical questions and provides guidance to users on system functionalities and methods for correcting problems. Develops training materials and handouts; conducts user applications training classes and one-on-one training sessions; develops and maintains user and system documentation. Designs and generates custom reports to meet user needs; uses reporting tools to extract user-required data. Plans and coordinates the deployment of new technologies for client solutions; coordinates user acceptance testing and the resolution of problems identified. Regular attendance is expected.
Hours and Travel
Meet travel requirements of the position. Work a flexible schedule, which may include evenings, weekends, holidays and overtime.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit, stand, walk, stoop, kneel, crouch, crawl, and use hands to finger, handle, or feel objects. The employee frequently is required to talk or hear. The employee must lift and move up to twenty pounds. Specific vision abilities required by this job include close vision, color vision, depth perception, and the ability to adjust focus. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually moderate.
Position will be filled at the appropriate salary grade based upon the skills, knowledge, and experience of the selected candidate.
All qualified applicants will not be discriminated against and will receive consideration for employment without regard to protected veteran status, disability, race, color, religion, sex, sexual orientation, gender identity or national origin.