About Us: Baker Hughes, a GE company (NYSE:BHGE) is the world’s first and only fullstream provider of integrated oilfield products, services and digital solutions. We deploy minds and machines to enhance customer productivity, safety and environmental stewardship, while minimizing costs and risks at every step of the energy value chain. With operations in over 120 countries, we infuse over a century of experience with the spirit of a startup – inventing smarter ways to bring energy to the world. Follow Baker Hughes, a GE company on Twitter @BHGECo, or visit us at BHGE.com.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Role Summary: They will be responsible for implementing the overall security roadmap and standards for BHGE’s Active Directory, by reviewing the existing and proposed AD architecture, identifying security design gaps, and recommending changes, mitigations or enhancements. The experienced individual will serve as Active Directory information security subject matter expert. They will identify BHGE AD security architecture requirements,design and implement security architecture patterns to mitigate threats
Lead the Active Directory secure design and implementation of the design, with focus on Identity and Access Management solutions, principles and techniques.
Work with GE Active Directory teams to ensure the design meets policies and best practices.
Satisfy compliance requests for auditors, customers, and third party contacts.
Partner with IT Owners, IT Functions and CoEs to ensure AD tools and processes are effective and robust to adhere to BHGE requirements.
Plan and effectively manage the schedule of activity across AD systems scope
Manage & deliver AD control testing, status reporting, defect remediation, metrics, and dashboards using multiple tools and mediums (PowerPoint, Access, Excel, SharePoint).
Execute ad-hoc initiatives, defined by the BHGE Access Management Leader to remediate identified gaps, improve the overall control environment and enhance BHGE AD.
Providing content and deliver status updates for key stakeholders, including but not limited to, IT Risk, P&L leaders, IT and Control Owners.
Establish key relationships and liaise with IT functions, CoEs and BHGE IT Owners.
At least seven 7 years of experience as MS Active Directory Systems Design Architect with a demonstrated track record in the development and deployment to production of increasingly more complex solutions.
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.
Ability to lead cross-functional teams.
Experience with assessment, design, pilot and upgrades/implementations of enterprise directory services technologies:
TCP/IP including DNS integration
Group Policies (GPO)
Forefront Identity Manager (FIM)
Microsoft/Quest/Dell Migration Tools
Active Directory Federation Services (ADFS), SAML, web Single Sign-on (SSO), OAuth and related authentication technologies
Microsoft Public Key Infrastructures
Federated identity systems (Microsoft ADFS, Ping Federate. Etc.).
Microsoft Radius/NPS Services
Understands application integrations for identify and access management
Multi factor authentication (MFA) both token and cloud.
Knowledge of regulatory requirements as they relate to IT General Controls
Experience with developing, applying and following Identity Management Processes and user life cycle processes.
Experience of any other technologies used for IAM (SunIDM, Sailpoint, CyberArk, DB Protect, GRC)
Recognized certifications such as CISA, CRISC, CGEIT, CIA, CISM, CISSP, etc.
We are in the process of transitioning to an improved job application system and in the interim we are operating with two systems. Have your Job ID ready (from the email you received when you applied) to log in and check your application status.
Click the appropriate button. If you don't know your job ID, you can still check your status: use both buttons.