Identity & Access Management Engineer - Information Security

Are you passionate about the chance to bring your technical experience to drive our Engineering team using industry best practices in a world-class company?

We are hiring 100+ Software Engineers including Identity & Access Management engineers with various experience levels for our Shared Service Center in Mexico City.

As an Identity & Access Management Engineer at Thomson Reuters, you will be responsible for continually looking to optimize systems and services for security, automation, performance, and availability, while ensuring solutions are developed, adhered and aligned to architectural standards.

You will be responsible for ensuring that technology systems and related procedures adhere to organizational values. You’ll be able to deliver innovative solutions that impact our customers' business every day and partner with teammates globally to develop innovative solutions for the best products in the market.

In these opportunities, as an Identity & Access Management Engineer, you will :

• Develop and Deliver : Apply modern Engineering practices; you will be involved in the entire development, operational support, monitoring, automation, building, testing, and delivering high-quality solutions for the Engineering team.
• Be a Team Player : Working in a collaborative team-oriented environment, you will share information, value diverse ideas, and partner with cross-functional and remote teams.
• Have an Agile Mindset : With a strong sense of urgency and a desire to work in a fast-paced, dynamic environment, you will deliver solutions against strict timelines.
• Be Innovative : You are empowered to try new approaches and learn new technologies. You will contribute innovative ideas, create solutions, and be accountable for end-to-end deliveries.
• Be an Effective Communicator : Through active engagement and communication with cross-functional partners and team members, you will effectively articulate ideas and collaborate on technical developments.

You’re a fit for our Identity & Access Management Engineer roles if you have :

• A Bachelor's degree in Computer Science, Engineering, Information Technology, or equivalent experience.
• 4+ years of IT or IT Security experience including the following : Windows 2012 / 2016 server - Forest, Domain trust, AD, ADFS, DNS, WINS, DHCP, Group Policy, Distribution lists, Windows folder security, and IP filter.
• 2+ years experience with server technology capability and products.
• Managing, installing, and troubleshooting Microsoft Windows active directory, DNS, and services on Windows 2012 / 2016 platforms.
• Install and configure Active Directory Domain Services for object management (users, groups, network printers, network guests' nodes) and Active Directory Lightweight Active Directory Services for deployment of applications.
• Creating Organizational Units (OU’s) and setting up Group Policy Objects (GPO), and Group Policy Containers (GPC).
• Having knowledge of the DCPROMO process and configuring AD Site, OU structure, Site Link, DNS, DHCP, WINS, Global Catalog server, Directory Services, Subnet mask, DNS forwarders, and Reverse Lookup.
• Involved in fixing the interoperability among different applications and setting the rules on profiles in Application Isolation Environment (AIE).
• Involved in troubleshooting functionality errors of the applications in an isolation environment.
• Strong hands-on administration experience on Windows server - Forest, Domain trust, AD, ADFS, DNS, WINS, DHCP, Group Policy, Distribution lists, Windows folder security, and IP filter.
• Expert level knowledge of Active Directory LDAP service, shell scripting, Certificate services (PKI), and AD Site Topology - all under a multi-site multi-domain Windows 2012 environment.
• Expertise in Active Directory design and support (Group Policy Object (GPO), Active Directory (AD) Schema, Organization Unit (OU), LDAP, Sites, Replication, etc.)
• Creating and Linking Group policies for Windows Server in AD domain. Experience in Performing the Domain functional level from Windows server.
• Experience working closely with Security Service teams for least privilege configurations.
• Experience in creating and maintaining group policy objects for Windows servers host access.
• Experience in analyzing system issues to determine root cause, and work with concerned teams in testing and implementing fix to resolve issues.
• Coordinate with service providers, vendors and various teams throughout the organization to ensure timely resolution on Issues.
• Monitor the performance of Windows Server environment and take appropriate proactive measures to prevent impacts.
• Design and develop specialized automation tools, scripts, and processes for the administration and performance monitoring of Windows systems
• Strong troubleshooting skills in a Windows environment - Event log analysis, installation and administration of Windows Server, including user setup and defining roles, performance tuning, backup and restore, security monitoring, registry, and AD scripting.
• Experience with Vulnerability mitigation and patch management.
• Configuring and managing DNS and Active Directory. Created Active Directory Sites, OU containers, and groups to assign permissions.
• Assigning shared level / security level permission to customer folders and files.
• Managing and maintaining services to clients as per agreed contract and SLAs are achieved
• Reporting daily operational issues in daily review meetings with account management.
• Reporting outage incidents and ensuring RCA's are provided to clients. Keep track of RCA records towards timely completion from the team.
• On-call support during off-duty hours on weekdays, weekends, and holidays on a scheduled / rotating basis.
• Act as a member of the Windows Active Directory Domain Administrator Support Team in providing timely and efficient support to assigned operations; coordinate day-to-day operations, apply security patches / fixes and anti-virus updates as released by software manufacturers and anti-virus vendors, create and implement domain-level security policies such as authentication mechanisms, password policies and rules, IPSEC policies etc.
• Review domain-level rights and privileges and perform changes to the same as appropriate.
• Collaborate in assessing current and expected Windows infrastructure needs, configuration, maintenance, optimization, and documentation of Windows infrastructure.
• Follow and apply configuration and security standards and policies within a defined Change Management process.
• Assist with implementing solutions for hardware and software. Implement common preventive maintenance practices for hardware and software.
• Ensure that system improvements and changes are implemented correctly and completely and monitor all effects of the modifications.
• Experience in Vulnerability remediation.
• Strong working knowledge of ITIL Incident, Problem, and Change Management disciplines.

You will join our inclusive culture of world-class talent, where we are committed to your personal and professional growth through :

• Hybrid Work Model : We’ve adopted a flexible hybrid working environment for our office-based roles while delivering a seamless experience that is digitally and physically connected.
• Culture : Globally recognized and award-winning reputation for equality, diversity and inclusion, flexibility, work-life balance, and more.
• Wellbeing : Comprehensive benefit plans; flexible and supportive benefits for work-life balance : two company-wide Mental Health Days Off; work from another location for up to a total of 8 weeks in a year, 4 of those weeks can be out of the country and the remaining in the country, Headspace app subscription; retirement, savings, and employee incentive programs; resources for mental, physical, and financial well-being.
• Learning & Development : LinkedIn Learning access; internal Talent Marketplace with opportunities to work on projects cross-company;
• Ten Thousand Coffees Thomson Reuters café networking.
• Social Impact : Nine employee-driven Business Resource Groups; two paid volunteer days annually; Environmental, Social, and Governance (ESG) initiatives for local and global impact.
• Purpose-Driven Work : We have a superpower that we’ve never talked about with as much pride as we should we are one of the only companies on the planet that helps its customers pursue justice, truth, and transparency.

Do you want to be part of a team helping re-invent the way knowledge professionals work? How about a team that works every day to create a more transparent, just and inclusive future?

At Thomson Reuters, we’ve been doing just that for almost 160 years. Our industry-leading products and services include highly specialized information-enabled software and tools for legal, tax, accounting and compliance professionals combined with the world’s most global news services Reuters.

We help these professionals do their jobs better, creating more time for them to focus on the things that matter most : advising, advocating, negotiating, governing and informing.

We are powered by the talents of 26,000 employees across more than 70 countries, where everyone has a chance to contribute and grow professionally in flexible work environments that celebrate diversity and inclusion.

At a time when objectivity, accuracy, fairness and transparency are under attack, we consider it our duty to pursue them.

Sound exciting? Join us and help shape the industries that move society forward.

As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex / gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under applicable law.

Thomson Reuters is proud to be an Equal Employment Opportunity / Affirmative Action Employer providing a drug-free workplace.

We also make reasonable accommodations for qualified individuals with disabilities and for sincerely held religious beliefs in accordance with applicable law.