Duration: contract to run until 30/11/2026
Rate: up to £290.90 p/d Umbrellainside IR35
We are seeking a Windows Server Engineer with strong automation and integration capabilities to support the extraction and provisioning of user account data into enterprise Identity & Access Management (IAM) platforms.
The role will focus on automating the retrieval of user accounts (primarily from local Windows SAM databases and/or Active Directory) and integrating these into downstream IAM feeds using PowerShell, Ansible, and API-based integrations.
This position is critical in ensuring accurate, secure, and automated identity data flows across the infrastructure estate.
Key Responsibilities
Windows & Identity Engineering
- Manage and support Windows Server environments (2016/2019/2022)
- Extract and manage local user and group accounts (SAM database)
- Support integration with Active Directory where applicable
- Identify and manage local accounts (e.g., service, admin, break-glass)
Automation & Scripting
- Develop and maintain PowerShell scripts to:
- Extract user account data from local systems (SAM) or AD
- Transform data into IAM-compatible formats (JSON, CSV, XML)
- Build and maintain Ansible playbooks for:
- Scheduled and repeatable IAM feed execution
- Secure and compliant with enterprise policies
API & IAM Integration
- Design and implement API-based integrations to IAM platforms
- Enable automated identity data feeds using REST APIs:
- Perform data mapping and transformation between source systems and IAM schema
Data & Governance
- Ensure integrity and quality of user identity data feeds
- Support audit and compliance requirements:
- Logging and traceability of account extraction
- Identification of orphaned or unmanaged accounts
- Collaborate with IAM and security teams to:
- Improve identity governance controls
Operational & Continuous Improvement
- Enhance automation frameworks to reduce manual effort
- Identify opportunities to:
- Replace local account usage with centralized identity
- Improve security posture (e.g., reduce local admin sprawl)
- Contribute to documentation:
- Runbooks
- Data flow mappings
Required Skills & Experience
Core Technical Skills
- Strong experience with Windows Server administration
- Advanced PowerShell scripting (mandatory)
- Hands‑on experience with Ansible (Windows modules / WinRM)
Experience working with:
- Local SAM accounts (Get-LocalUser, WMI, CIM)
- Active Directory (preferred)
Integration & API Skills
Experience with:
- REST APIs (GET/POST/PUT)
Understanding of:
- Experience integrating with IAM platforms (e.g., SailPoint, Saviynt, Azure AD, Okta) is highly desirable
Infrastructure & Security
Knowledge of:
- Windows security model and account management
- Privileged access and identity governance concepts
Familiarity with:
- Enterprise security standards
- Audit and compliance requirements
- Experience in Financial Services environments
- Exposure to Identity Governance & Administration (IGA) tools
- Knowledge of ServiceNow (for workflow/orchestration)
- Experience with CI/CD pipelines for automation scripts
- Understanding of hybrid identity environments (on-prem + cloud)
- Strong analytical and problem‑solving skills
- Ability to operate in complex, distributed environments
- Excellent stakeholder communication (IAM, Security, Infra teams)
- Focus on automation, accuracy, and operational resilience
