1. Engage in Unix Security Administration project to assist in clean up of Unix Server environment.
2. Requires a bachelor's degree with at least 5 years of experience in the field.
3. Familiar with a variety of the Unix Security Administration concepts, practices, and procedures. Relies on extensive experience and judgment to plan and accomplish goals.
4. Performs a variety of tasks.
5. May lead and direct the work of others.
6. A wide degree of creativity and latitude is expected. Typically reports to a supervisor or manager.
Project activities include:
Audit of each server accounts:
The current list of accounts on existing servers must undergo an audit to determine residual local accounts that are no longer applicable to current Employees. These findings must be documented, verified and accounts removed from servers so they do not get migrated to Centrify. BU involvement is necessary as per the current procedure before accounts are removed so any residual user process/files are retained.
Identify current UID/GID of the remaining “Valid” users (Determined from above):
Based on the current passwd/group file on each server, the current UID/Primary GID/additional group memberships for the user must be documented per server. Also determine the appropriate valid logons that are consistent across groups of servers.
Create the AD account (If necessary):
For any identified users that do not have a current valid AD account in the gdc.local domain, an AD account must be created.
Identify accounts that are not compliant per UID:
The remaining “verified” standard/specific server user accounts UID value must be compared to the current “Standard” assigned UID. This is the UID value to use for the Centrify Unix profile created in the next step. If the UID is not set to what the Security team’s “standard” UID is for that user it must be documented as an “except
Create UNIX profile (If necessary):
Centrify UNIX profiles must be created for any users that currently do not have one and the “standard” UID/GID set at this point. This will be the “ongoing” UID/primary GID for these users for ALL servers.
Pre-stage computer objects within Centrify:
Create the computer objects within the appropriate Centrify zone.
Creating computer login roles:
Based on all the info collected define specific computer roles for specific groups of servers to enable users/groups of users access to groups of servers. This will be the specific way to grant login rights to specific servers/groups of servers for users.
1. Minimum of 5 years’ experience with security applications on Unix.
2. Strong knowledge of Unix.
3. Ability to work in a geographically separated team environment and with minimal direct supervision
4. Proactive individual with fast learner capability
5. Results driven person that drives himself to stay within accepted SLAs for the services he provides.
6. Strong demonstrated knowledge of Internet architectures and technologies, including web, application, and security techniques for secure and robust delivery of services
7. Strong English skills, both written and verbal
8. Technical knowledge and familiarity with authentication, authorization, and access controls, including directory services technologies (Active Directory, LDAP, DNS) and local server authentication mechanisms
9. Understanding of basic concepts with scripting and command shell (a plus)
10. 5 years work experience with security administration, one of which have been spent administering major security systems: Active Directory, Mainframe (RACF, TopSecret) and/or managing the access web appl such as: Oracle, CA Unicenter/Siebel, RSA SecurID Token administration, RPM (web appl), Digital certificates.
11. Proficiency with at least two major security systems mentioned above is required
12. Strong demonstrated conceptual knowledge and understanding of security related technologies including Access Control Lists, encryption, IPsec, VPN, proxy services, and logging
| 