Job Title: AD Hardening Workstream Lead
Location: London, UK
Job Type: Permanent
Work mode: Hybrid
Workstream 1: AD Hardening and ACL XRAY Tasks for Tiered Deployment - On Prem
•Assist Microsoft SMEs in the running and maintenance of the ACLXray Tool
•Lead Workshops for review of all exposure reports provided by ACLXray Tool
•Documentation and Meetings to support Change Management and review Gates
•Remediation Task to be performed based on Exposures reported by ACLXray Tool
•Testing of remediation tasks in preprod environment
•Produce needed task updates based on results from preprod
•Execution of remediation tasks in prod environment
•Ongoing documentation of changes
•Creation of necessary standards, procedures, and automation to maintain improved state
•Create technical roadmap of work
•Direct x2 Off-shore consultants
Scope of work:
•Ensure all ACL Xray vulnerabilities have been resolved, including all Delegation of Control findings.
•Role-Based Access Control (RBAC) - Define, document and enforce the policies to limit administrative privileges on accounts to those necessary for their functions.
•Create Organizational Units (OUs) - Structure the Active Directory using OUs that reflect our organizational needs for the new tiering.
•Group Policy Objects (GPOs) - Develop specific GPOs that apply security settings, password policies, and account policies for Tier 0 accounts.
•Firewall Rules - Only allow essential traffic between Tier 0 and other tiers or networks.
•Final survey of all the remaining security services that need to be imported into Tier 0
•Final list of all user accounts that need Tier 0 analogs.
•Review all third-party access to the Tier 0 environment
•Review security risks associated with third-party applications and services that interact with the AD
•Design document for remaining Tier 0 services (i.e., BeyondTrust, Varonis, Splunk, etc.)
•Alerting to be set up using Varonis to capture all attempts to bypass Tier 0 infrastructure
•Complete migration of all designated security and other critical services into Tier 0
•Final survey of all current servers that should be designated Tier 1, including owners
•Design and documentation detailing the process for Tier designation during the provisioning and decommissioning process
•Completed migration plan for moving servers into Tier 1
•Completed proposals for implementation of RODC for remote site and service authentication
•Completed proposal for creating auxiliary classes to add specific attributes to user/computer objects
•Complete Migration of all Tier 1 resources in production.
•Document Procedures - Maintain thorough documentation of configurations, processes, and changes made during the creation of Tier 0.
•Training - Educate all IT personnel on security practices and operational protocols for managing Tier 0.