Windows Server Engineer

Role OverviewWe are seeking a Windows Server Engineer with strong automation and integration capabilities to support the extraction and provisioning of user account data into enterprise Identity & Access Management (IAM) platforms.The role will focus on automating the retrieval of user accounts (primarily from local Windows SAM databases and/or Active Directory) and integrating these into downstream IAM feeds using PowerShell, Ansible, and API-based integrations.This position is critical in ensuring accurate, secure, and automated identity data flows across the infrastructure estate. Key ResponsibilitiesWindows & Identity EngineeringManage and support Windows Server environments (###############22)Extract and manage local user and group accounts (SAM database)Support integration with Active Directory where applicableIdentify and manage local accounts (e.g., service, admin, break-glass) Automation & ScriptingDevelop and maintain PowerShell scripts to:Extract user account data from local systems (SAM) or ADTransform data into IAM-compatible formats (JSON, CSV, XML)Build and maintain Ansible playbooks for:Remote user account discovery across server estateScheduled and repeatable IAM feed executionEnsure automation is:Scalable across large estatesSecure and compliant with enterprise policies API & IAM IntegrationDesign and implement API-based integrations to IAM platformsEnable automated identity data feeds using REST APIs:Push user data into IAM systemsHandle authentication (OAuth, tokens, certificates)Perform data mapping and transformation between source systems and IAM schema Data & GovernanceEnsure integrity and quality of user identity data feedsSupport audit and compliance requirements:Logging and traceability of account extractionIdentification of orphaned or unmanaged accountsCollaborate with IAM and security teams to:Define data standardsImprove identity governance controls Operational & Continuous ImprovementEnhance automation frameworks to reduce manual effortIdentify opportunities to:Replace local account usage with centralized identityImprove security posture (e.g., reduce local admin sprawl)Contribute to documentation:RunbooksArchitecture diagramsData flow mappings

Core Technical SkillsStrong experience with Windows Server administrationAdvanced PowerShell scripting (mandatory)Hands-on experience with Ansible (Windows modules / WinRM)Experience working with:Local SAM accounts (Get-LocalUser, WMI, CIM)Active Directory (preferred) Integration & API SkillsExperience with:REST APIs (GET/POST/PUT)JSON/XML data handlingUnderstanding of:Authentication mechanisms (OAuth, API keys, certificates)Experience integrating with IAM platforms (e.g., SailPoint, Saviynt, Azure AD, Okta) is highly desirable Infrastructure & SecurityKnowledge of:Windows security model and account managementPrivileged access and identity governance conceptsFamiliarity with:Enterprise security standardsAudit and compliance requirements Desirable SkillsExperience in Financial Services environmentsExposure to Identity Governance & Administration (IGA) toolsKnowledge of ServiceNow (for workflow/orchestration)Experience with CI/CD pipelines for automation scriptsUnderstanding of hybrid identity environments (on-prem + cloud) Key CompetenciesStrong analytical and problem-solving skillsAbility to operate in complex, distributed environmentsExcellent stakeholder communication (IAM, Security, Infra teams)Focus on automation, accuracy, and operational resilience