Job Description

Job Overview

Business Segment:

Personal & Private Banking

Location:

ZA, GP, Johannesburg, 30 Baker Street

Job Type:

Full-time

Job Ref ID:

80443861A-0001

Date Posted:

8/1/2025







Directory Services Operations



Administer and secure Microsoft Active Directory environments across multiple domains and forests.

Manage Azure Active Directory, including synchronization with on-prem AD, Conditional Access, and identity protection features.

Support and enforce Group Policy Objects (GPOs), DNS, DHCP, and AD replication health.

Troubleshoot and resolve authentication, access, and directory-related issues.



Security & Compliance



Implement and maintain security controls aligned to best practices and internal standards (e.g.Least Privilege, Tiering Models, Admin Boundaries).

Manage privileged access using tools like Quest One/Privileged Management Suite, or similar.

Participate in audits, respond to compliance requirements, and provide documentation as required.

Monitor and report on directory service health, unauthorized changes, and security incidents.



Cloud & Hybrid Identity



Support Azure AD Connect, SSO, and federation services (e.g., Azure Application Proxy or third-party providers)

Configure and maintain Conditional Access, Identity Protection, and Application Proxy.

Work closely with cloud and security teams to enable secure access to cloud workloads and SaaS apps.

Support Active Directory Cloud environments for various regions in AWS.



Project Delivery



Contribute to or lead Active Directory and IAM-related projects, including domain migrations, M&A integration, and automation efforts.

Assist in deploying modern identity governance solutions and Zero Trust initiatives.

Participate in cross-functional initiatives involving AD security, network segmentation, or endpoint hardening.



Operational Excellence



Maintain runbooks and operational documentation for AD tasks.

Handle Remedy (or ITSM platform) request queues and incident resolution within SLA.

Provide technical mentorship to junior staff and peer support across teams.

Qualifications



Technical Skills



Strong experience with Microsoft Active Directory (2016-2022) and Azure AD.

Familiar with Entra ID, LDAP, Kerberos, SAML, OAuth, and certificate-based

authentication.

Experience with PowerShell scripting for automation and auditing.

Exposure to IAM and PAM solutions (e.g., Quest One, CyberArk, BeyondTrust).

Familiarity with Defender for Identity, conditional access, and identity threat detection tools.



Experience



Minimum 5-7 years' experience in an enterprise AD environment.

Demonstrated track record of securing and maintaining identity infrastructure in large or

regulated environments.

Experience with incident response and audit preparation related to identity and access.



Soft Skills



Clear communicator with strong documentation habits.

Security-first mindset with a good sense of risk vs. practicality.

Comfortable working in cross-functional teams and supporting business stakeholders.

Proactive, detail-oriented, and able to work under pressure.



Preferred Certifications



Bachelors Degree in Computer Science (advantageous)

Microsoft Certified:

Identity and Access Administrator Associate (SC-300)

Microsoft Certified:

Azure Security Engineer Associate

CompTIA Security+, CISSP, or equivalent a plus

MCSE or Equivalent

Additional Information

Behavioural Competencies:

Articulating Information

Challenging Ideas

Developing Expertise

Developing Strategies

Embracing Change

Empowering Individuals

Examining Information

Exploring Possibilities

Interacting with People

Making Decisions

Showing Composure

Team Working

Technical Competencies:

Incident and Problem Management

Information Security Management

IT Design Driven Development

IT Knowledge

Service Management Processes

Technical Analysis

Trouble Shooting

Use of Build and Test Automation

Please note:

All our recruitment processes comply with the applicable local laws and regulations. We will never ask for money or any from of payment as part of our recruitment process. If you experience this, please contact our Fraud line on +27 800222050 or TransactionFraudOpsSA@standardbank.co.za