Capabilities

IAM & Active Directory skills

Hands-on experience across the identity lifecycle — design, deployment, hardening, automation and day-2 operations.

Active Directory (On-prem)

  • Forest & domain design, multi-site topology
  • FSMO roles, replication & sites/services
  • Group Policy design & central store management
  • DNS, DHCP and PKI integration
  • Schema management & AD recovery / forest restore
  • Trust relationships (one-way, two-way, transitive)

Microsoft Entra ID (Azure AD)

  • Hybrid identity with Entra Connect / Cloud Sync
  • Conditional Access & risk-based policies
  • Privileged Identity Management (PIM)
  • Identity Protection, MFA & passwordless
  • Entitlement management & access reviews
  • App registrations, SAML / OIDC integrations

Privileged Access Management

  • Tier 0/1/2 administrative model
  • Just-in-time & just-enough access (JIT/JEA)
  • CyberArk, BeyondTrust, Delinea integrations
  • Secure Privileged Access Workstations (PAWs)
  • Credential vaulting & session recording
  • Break-glass account governance

Identity Governance

  • RBAC & ABAC role design
  • Joiner-Mover-Leaver (JML) automation
  • SailPoint IdentityIQ / IdentityNow
  • Saviynt, Microsoft Entra ID Governance
  • Access certifications & SoD enforcement
  • Audit trails for SOX, ISO 27001, SOC 2

Federation & SSO

  • SAML 2.0, OAuth 2.0, OpenID Connect
  • AD FS, Okta, Ping Identity, Auth0
  • SCIM-based user provisioning
  • Token claims & transformation rules
  • WS-Federation legacy app support
  • Cross-tenant B2B & B2C scenarios

AD Hardening & Security

  • Tiering, LAPS, gMSA, Protected Users group
  • Kerberoasting & AS-REP roasting mitigation
  • NTLM auditing and phased deprecation
  • BloodHound / PingCastle attack-path analysis
  • ADCS hardening, ESC1-ESC8 remediation
  • SIEM integration & AD audit policy tuning

Automation & Tooling

  • PowerShell (AD, Graph API, Exchange Online)
  • Microsoft Graph & REST API integrations
  • Terraform / Bicep for Entra ID-as-code
  • Azure Automation, Logic Apps, Functions
  • Git-based change control & CI/CD pipelines
  • Custom JML connectors & reporting

Compliance & Frameworks

  • NIST 800-53, 800-63, ISO 27001, CIS Controls
  • Zero Trust architecture (NIST SP 800-207)
  • SOX ITGC, PCI-DSS & HIPAA identity controls
  • Cyber Essentials Plus & UK GovAssure
  • Risk register & control mapping
  • Identity-centric incident response playbooks

Get in touch

Let’s talk identity.

Open to advisory, contract and permanent opportunities involving Active Directory, Entra ID, identity governance, or zero-trust programmes. The best way to reach me is by email.

Location
United States — Remote