*Hello ,* *Hope you are doing great!*
*Please find the Urgent Requirement. Kindly share the matching profiles with me.* *Job Title : * *IAM/**IDM Solutions Architect* *Position : 1* *Location : Rosemont, IL* *Duration : 6 Months* *Interview **: Face to Face* *Note : Need Local Consultant Only. * *Description:* *This is for Burwood Group (consulting firm) for their client, Reyes Holdings. I have a consultant on project there now and he needs help with* *IAM / IDM practices… solution recommendations, design, policy, etc.. It’s an Active Directory environment.* *Experience with solutions architecture in regards to IDM / IAM solutions (Identity Management / Identity Access Management) and Active* *Directory design is mandatory. H1B visa candidates are okay, but great communication skills is mandatory. * *Project Scope:* In the interest of isolating access rights to avoid data exposure (see ransomware) and to prevent undue data/document access, an Identity Access Management infrastructure and policy needs to be developed and implemented. *Architectural review:* · AD design Review · IDM Solution review and recommendations · IDM Design · IDM Policy and solution implementation *This includes:* · Review and update the term and creation process to stop the hemorrhaging. o If there no security group, create one and the appropriate permissions – need a naming standard and policy limitations around the permissions o Don’t add a user to a role, add a group, if the group doesn’t exist, create one – need guidelines around this. · Removing domain admin access from ALL service accounts · Restricting domain admin access to fewer than 10 individuals · Mandating that all administrative login and actions are initiated and executed with a personal (non-anonymous) account o Communicate to all affected admins · Mandating that all new access CANNOT be cloned o Change IT request form o Communicate to ITSC · Reviewing existing access and permissions o All access should be centralized (some access is defined on the application) · Develop roles/group membership based on that access · Interview all department heads to confirm roles · Test access with select individuals for each of the roles · Roll out to the rest of the company · Remediate issues - modify roles as appropriate · Provide exceptions - where needed · Lock down the roles · Establish EPMO framework mandating that all new apps need to be integrated with AD/LDAP with permissions defined in AD *Create policies, process and procedures around:* · Maintaining the roles · Maintaining the access control framework · When and how to modify the roles · Access exception policy and procedure · Create a new standard and corresponding policies for MACD user accounts o Establish a codified process for ITSC and HR around MACD o Instruct the ITSC on the new policy · Prohibiting Cloning. *Thanks,* *Jason* *Sr.Technical Recruiter* *TEKTREE LLC* *Work* : (734) 661-7969 <%28734%29%20661-7969> *Fax* : (302) 397-2097 *Email * : *ja...@tektreeinc.com <sh...@tektreeinc.com> **Website*: www.tektreeinc.com -- You received this message because you are subscribed to the Google Groups "REQSRESUMES" group. To unsubscribe from this group and stop receiving emails from it, send an email to reqsresumes+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. Visit this group at http://groups.google.com/group/reqsresumes. For more options, visit https://groups.google.com/d/optout.