Quest ARS Engineer IV

Kforce has a client that is seeking a Quest ARS Engineer IV in Nashville, TN.

Key Responsibilities: Design & Architecture: * Architect and deploy Quest Active Roles Server solutions for large-scale, hybrid identity environments * Define and implement ARS architecture, including Administration Service, Web Interface, and AD LDS configuration store * Develop high-availability and disaster recovery strategies for ARS and supporting infrastructure Identity Management & Automation: * Configure and manage Role-Based Access Control (RBAC), Access Templates, and Managed Units for delegated administration * Build and maintain policy-based workflows for user provisioning, deprovisioning, and approval processes * Implement automation for M365 license assignment, group management, and mailbox provisioning using ARS policies and PowerShell scripts Integration & Customization: * Integrate ARS with Active Directory, Entra ID, and Microsoft 365 services * Customize ARS using PowerShell scripting, event handlers, and API integrations to meet business requirements * Collaborate with ITSM and HR systems for automated joiner/mover/leaver processes Security & Compliance: * Enforce least-privilege delegation and separation of duties through ARS RBAC * Implement auditing and reporting for compliance with regulatory standards (SOX, HIPAA, etc.) * Ensure secure connectivity, certificate management, and MFA/SSO integration for ARS Web Interface* Looking for someone with deep experience designing, implementing, and supporting ARS to manage Active Directory (AD), Microsoft 365 (M365), and Entra ID (Azure AD) in hybrid environments * Expert knowledge of ARS architecture, RBAC, Access Templates, and workflow automation * Strong background in Microsoft Active Directory design and support * Experience with hybrid identity, directory synchronization, and M365/Entra ID integration * Ability to customize ARS using PowerShell, event handlers, and API integrations * Solid understanding of security, compliance, and least-privilege delegation Expert-level experience with Quest Active Roles Server: * Architecture, deployment, and configuration in enterprise environments * RBAC design, Access Templates, Managed Units, and workflow automation * Customization using PowerShell, event handlers, and API integrations Extensive experience with Microsoft Active Directory: * Multi-domain/forest design, GPOs, OU structure, and security delegation Strong knowledge of: * Hybrid identity and directory synchronization (AD; Entra ID) * Microsoft 365 integration (Exchange Online, Teams, Groups, license management) * Security and compliance best practices for identity management Hands-on experience with: * PowerShell scripting for automation * High availability and disaster recovery for ARS and supporting components * SSO/MFA integration (e.g., Entra ID Conditional Access, Okta) Preferred Skills: * Experience with ITSM integrations (e.g., ServiceNow) and HR-driven provisioning * Familiarity with REST APIs and modern identity governance frameworks * Knowledge of PKI, certificate lifecycle management, and secure credential handling