Location: Knutsford Job Type: Contract Industry: Enterprise Applications Job reference: BBBH441174_1781101989 Posted: about 13 hours ago
Role Title: Windows Server Engineer
Duration: contract to run until 30/11/2026
Location: Knutsford. Hybrid 3 days per week onsite
Rate: up to £290.90 p/d Umbrella inside IR35
Role purpose / summary
We are seeking a Windows Server Engineer with strong automation and integration capabilities to support the extraction and provisioning of user account data into enterprise Identity & Access Management (IAM) platforms.
The role will focus on automating the retrieval of user accounts (primarily from local Windows SAM databases and/or Active Directory) and integrating these into downstream IAM feeds using PowerShell, Ansible, and API-based integrations.
This position is critical in ensuring accurate, secure, and automated identity data flows across the infrastructure estate.
Key Responsibilities
Windows & Identity Engineering
1. Manage and support Windows Server environments (2016/2019/2022)
2. Extract and manage local user and group accounts (SAM database)
3. Support integration with Active Directory where applicable
4. Identify and manage local accounts (e.g., service, admin, break-glass)
Automation & Scripting
5. Develop and maintainPowerShell scripts to: Extract user account data from local systems (SAM) or ADTransform data into IAM-compatible formats (JSON, CSV, XML)
6. Build and maintainAnsible playbooks for: Remote user account discovery across server estateScheduled and repeatable IAM feed execution
7. Ensure automation is: Scalable across large estatesSecure and compliant with enterprise policies
API & IAM Integration
8. Design and implement API-based integrations to IAM platforms
9. Enable automated identity data feeds using RESTAPIs: Push user data into IAM systemsHandle authentication (OAuth, tokens, certificates)
10. Perform data mapping and transformation between source systems and IAM schema
Data & Governance
11. Ensure integrity and quality of user identity data feeds
12. Support audit and compliance requirements: Logging and traceability of account extractionIdentification of orphaned or unmanaged accounts
13. Collaborate withIAM and security teams to: Define data standardsImprove identity governance controls
Operational & Continuous Improvement
14. Enhance automation frameworks to reduce manual effort
15. Identify opportunities to: Replace local account usage with centralized identityImprove security posture (e.g., reduce local admin sprawl)
16. Contribute to documentation: RunbooksArchitecture diagramsData flow mappings
Required Skills & Experience
Core Technical Skills
17. Strong experience with Windows Server administration
18. Advanced PowerShell scripting (mandatory)
19. Hands-on experience with Ansible (Windows modules / WinRM)
Experience working with:
20. Local SAM accounts (Get-LocalUser, WMI, CIM)
21. Active Directory (preferred)
Integration & API Skills
Experience with:
22. REST APIs (GET/POST/PUT)
23. JSON/XML data handling
Understanding of:
24. Authentication mechanisms (OAuth, API keys, certificates)
25. Experience integrating with IAM platforms (e.g., SailPoint, Saviynt, Azure AD, Okta) is highly desirable
Infrastructure & Security
Knowledge of:
26. Windows security model and account management
27. Privileged access and identity governance concepts
Familiarity with:
28. Enterprise security standards
29. Audit and compliance requirements
Desirable Skills
30. Experience in Financial Services environments
31. Exposure to Identity Governance & Administration (IGA) tools
32. Knowledge of ServiceNow (for workflow/orchestration)
33. Experience with CI/CD pipelines for automation scripts
34. Understanding of hybrid identity environments (on-prem + cloud)
Key Competencies
35. Strong analytical and problem-solving skills
36. Ability to operate in complex, distributed environments
37. Excellent stakeholder communication (IAM, Security, Infra teams)
38. Focus on automation, accuracy, and operational resilience
All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!