Account Management Engineer

Peraton is seeking a skilled Account Management Engineer with expertise in Microsoft Windows environments to manage and maintain user accounts, access controls, and security policies within an enterprise IT infrastructure. This role involves overseeing Active Directory (AD) and Azure Active Directory (AAD) environments, ensuring efficient account provisioning, deprovisioning, role-based access controls (RBAC), and overall security compliance for users and applications. The ideal candidate will have a strong background in identity management, access governance, and Windows administration, with a focus on streamlining workflows and maintaining secure, compliant systems.

Day to Day Responsibilities:

• Administer and maintain Active Directory (AD) and Azure Active Directory (AAD) environments, including user accounts, groups, organizational units (OUs), and access control policies.
• Perform user account provisioning, deprovisioning, and role-based access management (RBAC), ensuring compliance with security policies and business requirements.
• Implement and manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation for Windows-based and cloud applications.
• Ensure proper account lifecycle management from onboarding to offboarding, and manage group memberships, permissions, and access reviews.
• Configure and enforce security policies for user access, password policies, and authentication methods to ensure the highest level of security.
• Monitor and audit account activity to detect and mitigate any unauthorized access or potential security breaches.
• Ensure compliance with industry regulations such as HIPAA, GDPR, SOX, and other relevant frameworks related to identity and access management.
• Maintain security best practices for AD and AAD environments, including account lockout policies, password resets, and MFA enforcement.
• Work with development and IT operations teams to integrate third-party applications and services with AD and AAD for seamless user management.
• Develop and maintain automation scripts using PowerShell, Azure CLI, or other tools to streamline account provisioning, deprovisioning, and access control processes.
• Integrate identity management tools with enterprise systems (e.g., ServiceNow, Okta, etc.) for improved workflow and auditing capabilities.
• Act as the primary point of contact for user account issues and provide support for password resets, access request approvals, and troubleshooting of access issues.
• Work with security teams to identify, investigate, and resolve security incidents related to user accounts and access.
• Collaborate with cross-functional teams to optimize access policies and ensure seamless user experience across systems and applications.
• Maintain clear and comprehensive documentation for user account processes, security policies, and troubleshooting guides.
• Prepare and present regular reports on account activity, audit findings, and compliance status to stakeholders and leadership.
• Ensure thorough audit trails for user account changes and access permissions.

#TSAIMPACT

Basic Qualifications:

• Bachelors degree and 0 years of experience or a High School diploma and 4 years of experience.

• U.S. Citizenship required; Must have the ability to obtain a DHS Entrance on Duty (EOD) clearance

• Experience in account management, identity & access management (IAM), or Windows administration.
• Strong expertise in Active Directory (AD), Azure Active Directory (AAD), and identity management principles.
• Experience with user provisioning, deprovisioning, role-based access control (RBAC), and permissions management.
• Knowledge of single sign-on (SSO), multi-factor authentication (MFA), and identity federation.
• Proficiency in PowerShell scripting for AD automation and Azure CLI for cloud-based management.
• Familiarity with Windows Server environments and related administration tools (Group Policy, DNS, DHCP, etc.).
• Understanding of security best practices and compliance standards (HIPAA, GDPR, SOX, etc.) related to account and access management.
• Strong troubleshooting skills and experience with account-related issues and security incidents.
• Excellent communication skills for working with technical teams and non-technical stakeholders.

Preferred Qualifications:

• Microsoft Certified: Azure Administrator Associate (AZ-104)
• Microsoft Certified: Identity and Access Administrator Associate (AZ-500)
• CompTIA Security+ or Certified Information Systems Security Professional (CISSP)
• ITIL Foundation Certification (preferred for service management and process optimization, must obtain within 30 days of employment).

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.