We are hiring for Windows Server Engineer at Knutsford, UK – 3 days per week Onsite
Role Overview
* We are seeking a Windows Server Engineer with strong automation and integration capabilities to support the extraction and provisioning of user account data into enterprise Identity & Access Management (IAM) platforms.
* The role will focus on automating the retrieval of user accounts (primarily from local Windows SAM databases and/or Active Directory) and integrating these into downstream IAM feeds using PowerShell, Ansible, and API-based integrations.
* This position is critical in ensuring accurate, secure, and automated identity data flows across the infrastructure estate.
Key Responsibilities
Windows & Identity Engineering
* Manage and support Windows Server environments (2016/2019/2022)
* Extract and manage local user and group accounts (SAM database)
* Support integration with Active Directory where applicable
* Identify and manage local accounts (e.g., service, admin, break-glass)
Automation & Scripting
* Develop and maintain PowerShell scripts to:
* Extract user account data from local systems (SAM) or AD
* Transform data into IAM-compatible formats (JSON, CSV, XML)
* Build and maintain Ansible playbooks for:
* Remote user account discovery across server estate
* Scheduled and repeatable IAM feed execution
* Ensure automation is:
* Scalable across large estates
* Secure and compliant with enterprise policies
API & IAM Integration
* Design and implement API-based integrations to IAM platforms
* Enable automated identity data feeds using REST APIs:
* Push user data into IAM systems
* Handle authentication (OAuth, tokens, certificates)
* Perform data mapping and transformation between source systems and IAM schema
Data & Governance
* Ensure integrity and quality of user identity data feeds
* Support audit and compliance requirements:
* Logging and traceability of account extraction
* Identification of orphaned or unmanaged accounts
* Collaborate with IAM and security teams to:
* Define data standards
* Improve identity governance controls
Operational & Continuous Improvement
* Enhance automation frameworks to reduce manual effort
* Identify opportunities to:
* Replace local account usage with centralized identity
* Improve security posture (e.g., reduce local admin sprawl)
* Contribute to documentation:
* Runbooks
* Architecture diagrams
* Data flow mappings
Required Skills & Experience
Core Technical Skills
* Strong experience with Windows Server administration
* Advanced PowerShell scripting (mandatory)
* Hands-on experience with Ansible (Windows modules / WinRM)
* Experience working with:
* Local SAM accounts (Get-LocalUser, WMI, CIM)
* Active Directory (preferred)
Integration & API Skills
* Experience with:
* REST APIs (GET/POST/PUT)
* JSON/XML data handling
* Understanding of:
* Authentication mechanisms (OAuth, API keys, certificates)
* Experience integrating with IAM platforms (e.g., SailPoint, Saviynt, Azure AD, Okta) is highly desirable
Infrastructure & Security
* Knowledge of:
* Windows security model and account management
* Privileged access and identity governance concepts
* Familiarity with:
* Enterprise security standards
* Audit and compliance requirements
Desirable Skills
* Experience in Financial Services environments
* Exposure to Identity Governance & Administration (IGA) tools
* Knowledge of ServiceNow (for workflow/orchestration)
* Experience with CI/CD pipelines for automation scripts
* Understanding of hybrid identity environments (on-prem + cloud)
Key Competencies
* Strong analytical and problem-solving skills
* Ability to operate in complex, distributed environments
* Excellent stakeholder communication (IAM, Security, Infra teams)
* Focus on automation, accuracy, and operational resilience