Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 1K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

RATE NOW!
- ABECA 2025
  
  RATE NOW!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Engaged Employer

Standard Chartered

Compare

3.8

based on 4.3k Reviews

254 Standard Chartered Jobs

Lead Engineer - Directory Services Security

Standard Chartered Bank Ltd

3.8

based on 4.3k Reviews

12-15 years

Bangalore / Bengaluru

1 vacancy

Lead Engineer - Directory Services Security

Standard Chartered

posted 29d ago

Job Role Insights

Flexible timing

Key skills for the job

Automation Testing Auditing Analytical Chemistry Incident Management Microsoft Power BI Windows System Administration

+ 4 more

Job Description

JOB SUMMARY

This role could be based in India, Poland, Malaysia and Singapore. When you start the application process you will be presented with a drop down menu showing all countries, Please ensure that you select a country where the role is based.

Must have Strong knowledge of Active Directory designing, Architecture, Solutioning, Integration with platforms & Applications.
Strong knowledge foundation in Cyber Security frameworks, Threat modelling, MITRE ATT&CK framework.
Strong Knowledge on security standards such as NIST, CIS benchmarking, STIG, and US DoD
Strong Knowledge on Knowledge of single sign-on, federation, active directory/LDAP, Kerberos/NTLM authentication & integrated Windows authentication.
Should possess extensive knowledge of identity related attacks, identity threats, and vulnerabilities.
Should be capable of developing robust resiliency solutions in response for cyber-attacks.
Handson experience on security use cases creation to detect threats and improve the identity security posture.
Strong knowledge on risk assessments and identifying attack vectors and remediation solutions to reduce the attack surface.
Strong familiarity with systems and security technologies, including application/OS hardening techniques, Active Directory, windows, Syslog & Security Event, and Incident Management (SIEM)
Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
Strong knowledge on Cryptography, certificates, PKI, symmetric, asymmetric keys, Encryption & hash algorithms
Strong knowledge of security frameworks and compliance regulations.
Solid understanding of security protocols, cryptography, authentication, authorisation, and security
Strong knowledge on AD authentication protocols kerberos, NTLM, LDAP, LDAPS & LDAP-Start TLS

Strong knowledge on AD Backup and recovery process.
Good knowledge on Network log capturing & analysing the logs through the tools Wireshark, Tshark, Microsoft NM etc,
Good exposure to SAML, OAuth, OpenID and other security/IAM related standards
Develop and implement comprehensive Active Directory security strategies and roadmaps.
Knowledge of single sign-on, federation, active directory/LDAP, Kerberos/NTLM authentication & integrated Windows authentication
Good knowledge on Identify management and Role based access control, attribute-based access control & entitlement management.
Good Knowledge on Security Monitoring and Recovery Solution.
Good Knowledge on recovery Testing Expansion for Complete Loss Recovery & Country Recovery Scenario.
Good Knowledge on Active Directory & windows security audit logs
Strong knowledge on AD trusts, forest, domain tree structures, sites, DNS, GPOs, OU, FRS, DFSR.
Recommend security best practices to achieve stated business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results.
Strong Knowledge on Creating Active Directory Security controls, Domain controller hardening & OS Hardening (Desktop & server), Vulnerability Assessment and Management for Active Directory
Strong knowledge on creating security baseline for domain controllers.
Good knowledge of Entra ID technologies, including authentication models, federation, Multifactor Authentication (MFA), SSO, Enterprise applications, conditional access policies, Identity protections and other relevant capabilities.
Strong Knowledge on IAM disciplines like PIM PAM solutions.

Strong Knowledge on ADFS Integration and authentication methods. Deep Understanding of Federation Protocols SAML, WS-Fed, OAuth, OIDC,
Proficiency in PowerShell, scripting, and automation or automation tools like Ansible
Good to have hands-on familiarity with host-based security solutions, Forensic & Investigation agents, and Compliance scanning and reporting.
Good documentation skills to write a design & configuration document.
Good Interpersonal skill and ability to work as part of a team.
The Lead Engineer - Directory Service Security Engineer is responsible for alignment of security strategy towards the goals of the organization. The lead is one of the design authorities to certify the induction of various technology solutions into the Bank.
This role is also responsible for providing leadership direction and strategic solutions related to directory Services and work with various engineering streams within Workspace and all Workspace team members in Chennai and Bangalore, Malaysia, Singapore and Poland locations.
The Lead Engineer should closely collaboration with red, purple, and blue teams, SOC team to enhance identity platforms security posture.
The Lead Engineer is accountable for the ownership of TIP documents, Test cases, Low level design documents, all the artefacts created by him/her during the design phase. The lead should be responsible for tracking all the ADO ticket and act on those tickets on-time and set the delivery timeline for each task. Also, the lead is responsible to create/track and monitor all the CRISP items and accountable for audit items and RFP related queries.
The Lead Engineer should consult all the engineering decision /activities/tracker with reporting manager, if any BAU related activities or publishing any new product should be consulted with product owner and refer to product road map.
The Lead Engineer should inform regular Engineering Road map details and product releases coming from Microsoft. Should collaboratively work with Entra ID Security team on maintaining the security posture of identity suites.

RESPONSIBILITIES

Strategy

TTO Strategy

Business

Technology and Operations

Regulatory & Business Conduct

Display exemplary conduct and live by the Group s Values and Code of Conduct.
Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
Lead to achieve the outcomes set out in the Bank s Conduct Principles
Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key Stakeholders

Domain Architects of all Business functions
Engineering & Hive Leads of all Business functions
Operation Leads of all Business functions
ICS teams
CISO teams

Qualification

Academic or Professional Education/Qualifications:
Bachelor s or Master s Degree
IAM technology certifications
CISSP certification, and exposure to other security domains
Strong documentation and communication skills.
Good analytical and strong technical skills in L3/L4 level trouble shooting.
Experience: 12 -15 years (IT Consultancy, Solution Design, Engineering, Support, Administration)
Architect level expertise and specialization (Level-300, Level-400) in Identity Products

Role Specific Technical Competencies

Active Directory designing, Architecture, Solutioning, Integration with platforms & Applications.
Good exposure in Solution Design, Securing AD,
Resiliency solution, Administrative AD Tier Model
Knowledge on Security standards such as NIST, CIS benchmarking, STIG, and US DoD
Work experience with Dev Ops for automation

Cyber Security frameworks, threat modelling, MITRE ATT&CK framework reviews
Migration experiences. Should have strong experience on migration of AD, ADFS and AAD Connect.
Expertise in risk assessments and identifying attack vectors
Designing complex Identity solutions, leading work-streams on transformational programs and ensuring conformance to agreed design standards, methods, and tools, including prototyping new tools and applications where appropriate
A good working knowledge of the entire M365 stack, including their interactions and use cases
Identify and access management; tracking and creating/enforcing policies that govern access sensitive technology resource.
Strong knowledge on Directory service architecture and preparing solution design for migration activities and POCs.

About Standard Chartered

Were an international bank, nimble enough to act, big enough for impact. For more than 170 years, weve worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If youre looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we cant wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, youll see how we value difference and advocate inclusion.

Together we:

Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
Flexible working options based around home and office locations, with flexible working patterns.
Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.