Windows Server Engineer

Role

Title:

Windows Server Engineer

Duration: contract to run until 30/11/2026

Location: Knutsford. Hybrid 3 days per week onsite

Rate: up to £290.90 p/d Umbrella inside IR35

We are seeking a Windows Server Engineer with strong automation and integration capabilities to support the extraction and provisioning of user account data into enterprise Identity & Access Management (IAM) platforms. The role will focus on automating the retrieval of user accounts (primarily from local Windows SAM databases and/or Active Directory) and integrating these into downstream IAM feeds using Power Shell, Ansible, and API-based integrations.

This position is critical in ensuring accurate, secure, and automated identity data flows across the infrastructure estate.

• Manage and support Windows Server environments (2016/2019/2022)
• Extract and manage local user and group accounts (SAM database)
• Support integration with Active Directory where applicable
• Identify and manage local accounts (e.g., service, admin, break-glass)

• Develop and maintain Power Shell scripts to:
  • Extract user account data from local systems (SAM) or AD
  • Transform data into IAM-compatible formats (JSON, CSV, XML)
• Build and maintain Ansible playbooks for:
  • Remote user account discovery across server estate
  • Scheduled and repeatable IAM feed execution
• Ensure automation is:
  • Scalable across large estates
  • Secure and compliant with enterprise policies

• Design and implement API-based integrations to IAM platforms
• Enable automated identity data feeds using REST APIs:
  • Push user data into IAM systems
  • Handle authentication (OAuth, tokens, certificates)
• Perform data mapping and transformation between source systems and IAM schema

• Ensure integrity and quality of user identity data feeds
• Support audit and compliance requirements:
  • Logging and traceability of account extraction
  • Identification of orphaned or unmanaged accounts
• Collaborate with IAM and security teams to:
  • Define data standards
  • Improve identity governance controls

• Enhance automation frameworks to reduce manual effort
• Identify opportunities to:
  • Replace local account usage with centralized identity
  • Improve security posture (e.g., reduce local admin sprawl)
• Contribute to documentation:
  • Runbooks
  • Architecture diagrams
  • Data flow mappings
  Required Skills & Experience Core Technical Skills
  • Strong experience with Windows Server administration
  • Advanced Power Shell scripting (mandatory)
  • Hands‑on experience with Ansible (Windows modules / WinRM)
  Experience working with:
  • Local SAM accounts (Get‑Local User, WMI, CIM)
  • Active Directory (preferred)
  Integration & API Skills
  
  Experience with :
  • REST APIs (GET/POST/PUT)
  • JSON/XML data handling
  Understanding of:
  • Authentication mechanisms (OAuth, API keys, certificates)
  • Experience integrating with IAM platforms (e.g., SailPoint, Saviynt, Azure AD, Okta) is highly desirable
  Infrastructure & Security Knowledge of:
  • Windows security model and account management
  • Privileged access and identity governance concepts
  Familiarity with:
  • Enterprise security standards
  • Audit and compliance requirements
  Desirable Skills
  • Experience in Financial Services environments
  • Exposure to Identity Governance & Administration (IGA) tools
  • Knowledge of Service Now (for workflow/orchestration)
  • Experience with CI/CD pipelines for automation scripts
  • Understanding of hybrid identity environments (on‑prem + cloud)
  Key Competencies
  • Strong analytical and problem‑solving skills
  • Ability to operate in complex, distributed environments
  • Excellent stakeholder communication (IAM, Security, Infra teams)
  • Focus on automation, accuracy, and operational resilience