Job DescriptionJoin a world-class academic healthcare system, UChicago Medicine, as an Active Directory Engineer – Specialist in our Information Security department. This position will be primarily a work from home opportunity with the requirement to come onsite as needed.This individual will be part of the Security Engineering team and will play a key role in Active Directory modernization, hybrid cloud identity integration, domain consolidation, and enterprise-grade SSO solutions. This position helps administer and provides leadership of the day-to-day operations of key system environment(s). Assists in the design, administration, analysis, evaluation, troubleshooting, and documenting of complex existing technology systems (e.g., technical platforms, SAN solutions, e-mail systems, network operating systems, etc.). Technical professional (subject matter expert) to assist with more complex testing and analysis of all elements of the systems’ capabilities. Understands the business impact of events and decisions made relating to system changes/enhancements. Helps make decisions and determine policy to maximize system availability.Essential Job Functions
Architect, implement, and support hybrid identity infrastructure integrating on-prem Active Directory with cloud-based services (e.g., Azure AD, Entra ID, Okta, AWS IAM).
Lead domain migration and consolidation projects across complex enterprise environments.
Manage and optimize LDAP directories and identity sync tools between internal and external systems.
Design and maintain secure, scalable SSO configurations using SAML, OAuth, OIDC, and federation technologies.
Develop and enforce Group Policy Objects (GPOs), domain trusts, and domain controller health.
Responsible for all activities related to system administration and continually reviews and improves the current process and procedures.
Analyzes causes of issues, delays, or problems and takes necessary corrective action to alleviate problem areas.
Ensures long-term requirements of systems operations and administration are included in the overall information systems planning of the organization.
Responsible for the installation, maintenance, configuration, and integrity of systems software.
Maintains and upgrades hardware and software including technical architecture related to hardware and basic network connectivity.
Implements operating system enhancements that will improve the reliability and performance of the system.
Establishes/recommends policies on system use and services.
Responsible for design, support and implementation of Disaster Recovery and High Availability plans.
Acts as resource for other Security Engineers and mentors less experienced Security Engineers.
Stays current with system technology and trends.
Required Qualifications
BS or BA degree, Computer Science, Engineering, or equivalent education, training or work experience
Experience in AD Domain consolidation
Experience working with domain trusts and multi-forest / multi-domain organizations
Knowledge of modern Directory Services architectures
Experience with EntraID / Azure Active Directory
Experience with on-prem, Cloud and hybrid directory environments
Hands-on experience with PowerShell scripting for automation and reporting
Familiarity with identity federation (ADFS, SAML, OAuth) and hybrid identity configurations
Understanding of security best practices for AD, including tiered administration models
Familiarity with identity governance and privileged access management solutions
Independent problem-solver with ability to sort through issues and conducts comparative analysis of multiple solutions (i.e. skilled in problem analysis; pays very close attention to detail)
Able to work in a team environment or independently
Excellent listening and organizational skills with emphasis on detail and follow-through
Able to organize and delegate tasks, coordinate projects and be willing to advise others
Skilled in project management and work plan development and implementation
Effective oral and written communication skills and interpersonal skills
Preferred Qualifications
Master’s degree
Healthcare experience
Position Details
Job Type/FTE: Full Time (1.0 FTE)
Shift: Days
Location: Remote
Unit/Department: Information Security Office
CBA Code: Non-Union
Why Join UsWe’ve been at the forefront of medicine since 1899. We provide superior healthcare with compassion, always mindful that each patient is a person, an individual. To accomplish this, we need employees with passion, talent and commitment… with patients and with each other. We’re in this together: working to advance medical innovation, serve the health needs of the community, and move our collective knowledge forward. If you’d like to add enriching human life to your profile, UChicago Medicine is for you. Here at the forefront, we’re doing work that really matters. Join us. Bring your passion.UChicago Medicine is growing; discover how you can be a part of this pursuit of excellence at: .UChicago Medicine is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, ethnicity, ancestry, sex, sexual orientation, gender identity, marital status, civil union status, parental status, religion, national origin, age, disability, veteran status and other legally protected characteristics.Must comply with UChicago Medicine’s COVID-19 Vaccination requirement as a condition of employment. If you have already received the vaccination, you must provide proof as part of the pre-employment process. This is in addition to your compliance with the Flu Vaccination requirement as well. Medical and religious exemptions will be considered consistent with applicable law. Lastly, a pre-employment physical, drug screening, and background check are also required for all employees prior to hire.Compensation & Benefits OverviewUChicago Medicine is committed to transparency in compensation and benefits. The pay range provided reflects the anticipated wage or salary reasonably expected to be offered for the position.The pay range is based on a full-time equivalent (1.0 FTE) and is reflective of current market data, reviewed on an annual basis. Compensation offered at the time of hire will vary based on candidate qualifications and experience and organizational considerations, such as internal equity. Pay ranges for employees subject to Collective Bargaining Agreements are negotiated by the medical center and their respective union.Review the full complement of benefit options for eligible roles at .
