Senior, ICT Infrastructure Engineer - Identity & Access Management

  • Senior-level, Full-time staff position
  • Posted on 7 February 2019

Job Description

Position Title: Sr ICT Infrastructure Engineer - Identy & Access Managment

GROUP: Information and Communications Technology (ICT)

Reports to: Director, ICT Infrastructure Services & Chief Architect


Position Summary:

The Senior ICT Infrastructure Engineer is responsible for leading the installation, and maintenance of network and computer systems while supporting and enhancing Winrock’s cyber security posture. This position also serves as an integral member of the ICT team involved with ICT support service delivery, as well as leading and collaborating on ICT standards and strategies. In addition, the role holder will lead efforts to monitor and report key metrics on the status of Field office ICT health and act as the primary interface between the ICT field activities and HQ ICT.

Major Responsibilities:

  • Provide leadership and technical expertise as part of a global ICT solutions team responsible for designing, delivering and maintaining complex and critical ICT infrastructure and systems as part of larger Winrock solutions.
  • Demonstrate leadership and foster collaborative team approach and interact well with front line and management providing consultation and expert advice on systems and security related topics.
  • Provides technical leadership in the planning and implementation of additions and modifications to the supporting home office and field infrastructure including the installation of server and networking hardware and operating systems software and other related software both on-premise and cloud based, as required.
  • Troubleshoot complex application and system interactions to quickly resolve live-site and supportive system incidents.
  • Provide technical leadership with the administration of the Winrock’s corporate infrastructure.
  • Provide level 3 and subject matter expert (SME) technical expertise in Identity and Access Management (IAM) related services, and supporting authentication services including web services, Single Sign-On (SSO), federation, ADFS, and Microsoft Web Application Proxy (WAP) configuration and remediation.
  • Responsible for developing, monitoring, maintaining, and supporting Microsoft Identity Management/ Forefront Identity Management (MIM/FIM) infrastructure and processes including synchronization service, portal service, managed identities and workflows.
  • Maintain existing Enterprise PKI / Certificate infrastructure, maintain certificate template and issuance to requestors.
  • Provide level 3 and subject matter expert (SME) technical expertise related to Microsoft AD and other relevant components, including workflow automation between Active Directory, Exchange and Microsoft O365.
  • Responsible to monitor and manage the synchronization processes required to maintain the Microsoft hybrid identity solutions that span on-premises and cloud-based capabilities creating a common user identity for authentication and authorization to all resources, regardless of location.
  • Conduct in depth technical IAM research, assessments and performance analysis to support and design technical automated IAM strategies. Develops and maintains technical solutions for the ongoing improvement of identity life cycle management. As the SME, responsible to recommend and oversee improvements, corrections, remediation or requirements for IAM operational role.
  • Collaborate actively with ICT team members to solve business problems with systems and process solutions that fit our standards while identifying, evaluating and participating in decision making around new and emerging IAM automation activities.


  • Bachelor’s degree in computer science or related field required, master’s degree preferred.
  • 5+ years providing ICT services at firms with multinational presence and greater than 1,000 employees required.
  • Thorough understanding of Microsoft’s hybrid identity solution concepts.
  • 2+ years of experience with Microsoft Azure AD, Azure AD management, creating and advanced PowerShell scripting ability, Hybrid Microsoft Exchange on Premise and Office 365 is a plus.
  • Extensive knowledge and understanding of solutions leveraging, ADFS, WAP, SSO, OAuth, OpenID, SAML, MFA
  • Analyzing Log files / Triage / troubleshooting skills. Strong analytical skills for troubleshooting and issue investigations and ability to work under pressure.
  • Hands on experience using DirSync to synchronize identity data to cloud.
  • Knowledgeable in Microsoft’s Forefront Identity Manager (FIM) and/or Microsoft Identity Manager (MIM)
  • Experience with AWS, and related cloud application infrastructure is a plus
  • Thorough understanding of Microsoft Domain concepts such as Domain/Forest trusts, Replication, NTFS/ACL permissions, Group Policies, etc.
  • Ability to work independently with minimal supervision.
  • Excellent verbal and written communication skills (English).
  • Flexible individual open to work during off-shift hours as per the on-call schedule
  • Must be up to date with industry developments
  • Position requires travelling to HQ and developing countries.

Qualified candidates should apply via e-mail to indicating only “Sr. ICT Infrastructure Eng.” in the subject line, by February 28. The e-mail should contain your CV, cover letter, and three (3) professional references. Winrock will only contact candidates considered for the position.

About the Organization

Winrock International is a nonprofit organization that works with people in the United States and around the world to empower the disadvantaged, increase economic opportunity, and sustain natural resources. By linking local individuals and communities with new ideas and technology, Winrock is increasing long-term productivity, equity, and responsible resource management to benefit the poor and disadvantaged of the world.

Similar Jobs