Enterprise Identity Engineer

Enterprise Identity Engineer

• Pay Rate: $70.00 – $85.00/hour on W2
• Contract Length: 12 months
• Location: – Spring, TX 77389 (Onsite) 

Raise is currently hiring a contract team member on behalf of our client. They’re expanding their team to meet growing needs, making this a unique opportunity to work with an industry leader.  

Overview

• We are seeking a highly skilled Enterprise Identity Engineer to manage, support, and secure enterprise identity infrastructure.
• This role is responsible for the administration, reliability, and security of Active Directory and related identity services that underpin critical business systems.
• The position includes Tier 0 / Enterprise Administrator access, requiring the highest levels of trust, security awareness, and technical expertise.
• Due to the elevated cybersecurity risk associated with this role, candidates must be willing to successfully complete an enhanced background check as a condition of assignment.
• This is an onsite role based in Houston, TX, supporting a large‑scale enterprise environment and participating in an on‑call rotation for identity and security services.

Responsibilities

• Administer, maintain, and secure Active Directory (AD) environments, including domain controllers, replication, DNS, and security hardening.
• Manage Active Directory Certificate Services (ADCS) and enterprise Public Key Infrastructure (PKI), including certificate lifecycle management.
• Support and maintain Active Directory Federation Services (ADFS) and integrations with internal and external identity providers.
• Implement and manage Azure Information Protection (AIP) to support enterprise data security and classification initiatives.
• Configure and manage Hardware Security Modules (HSMs) for cryptographic key protection and secure operations.
• Design, implement, and enforce Group Policy Objects (GPOs) to meet security, compliance, and operational standards.
• Ensure secure authentication and authorization through deep expertise in Kerberos, Service Principal Names (SPNs), and keytab management.
• Utilize Quest tools (Change Auditor, RMAD, GPOAdmin) for auditing, monitoring, disaster recovery, and policy governance.
• Deploy and manage cloud infrastructure in AWS, leveraging Terraform and Infrastructure‑as‑Code (IaC) practices for automation and consistency.
• Develop and maintain PowerShell automation scripts for operational efficiency, reporting, and security controls.
• Partner with cybersecurity and compliance teams to ensure adherence to enterprise security standards and best practices.
• Participate in an on‑call rotation to support critical identity and security services and resolve high‑severity incidents.
• Work as part of an Agile team, participating in ceremonies and collaborating with application developers, business stakeholders, and infrastructure teams.

Required Qualifications

• Strong experience administering Active Directory in complex, enterprise‑scale environments.
• Hands‑on expertise with ADCS, PKI, and certificate lifecycle management.
• In‑depth knowledge of Kerberos authentication, SPNs, and keytabs.
• Advanced experience managing and troubleshooting Group Policy Objects (GPOs).
• Proficiency in PowerShell scripting for automation, auditing, and reporting.
• Experience with Terraform and Infrastructure‑as‑Code concepts.
• Familiarity with AWS infrastructure and cloud‑based identity integrations.
• Experience using Quest Change Auditor, RMAD, and GPOAdmin.
• Solid understanding of enterprise security principles, especially those related to privileged access and identity protection.
• Ability to meet requirements for enhanced background screening due to Tier 0 access.

Preferred Qualifications

• Experience with Azure Information Protection (AIP) or Microsoft security and identity services.
• Knowledge of HSM configuration and cryptographic key management.
• Experience supporting identity platforms in regulated or high‑security environments.
• Prior work in large enterprises or oil & gas–scale environments.

Soft Skills

• Strong analytical and problem‑solving skills.
• Excellent written and verbal communication.
• Ability to work independently while collaborating effectively with cross‑functional teams.
• High attention to detail and sound judgment when handling sensitive systems and access.

Looking for meaningful work? We can help

Raise is an established hiring firm with over 65 years of experience. We believe strongly in making the world a better place through work, which is why we’re a certified B Corporation and donate 10% of our profits to charity.

We strive to build teams that reflect the diversity of the communities we work in. We encourage all qualified applicants to apply, including people from traditionally underrepresented groups such as women, visible minorities, Indigenous peoples, people identifying as LGBTQ2SI, veterans, and people with visible/nonvisible disabilities.

We have a dedicated webpage for accommodations where you can learn more about what we offer, and request accommodation: https://raise.jobs/accommodations/

In order to submit candidates for roles, our clients will sometimes require personal information to confirm the identity of applicants and their legal status to work. Raise will never ask you for personal or banking information unless you have been selected for a job. If you are ever unsure about the legitimacy of this or another job posting by Raise (or have any other questions), please contact us at +1 800-567-9675 or hello@raiserecruiting.com

#HOTJOB