Experience Inc. Jobs

Job Information

First Horizon Bank Azure Security Engineer Sr. in Birmingham, Alabama


About Us

First Horizon is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. With $81.7 billion in assets as of December 31, 2023, we serve clients through a team of approximately 7,300 associates and 418 banking centers throughout the southeastern United States. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. First Horizon has been recognized as one of the nation’s best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank.


  • First Horizon Bank, CISO group, seeks a qualified Active Directory/Azure Administrator to manage the administration, implementation, and maintenance of Active Directory and Azure infrastructures. This position provides 24x7x365 operational support for 7,000+ banking and non-banking branch users across the Bank. On call responsibilities include evenings and weekends to support all described infrastructure.As the subject matter expert for AD/Azure, the person in this position provides non-supervisory technical leadership for the team and ensures that all new and existing AD/Azure technologies are successfully deployed and maintained.Responsibilities include but are not limited to the following:

  • Active Directory Administration

  • Manage operation, health, and security of a multi-site domain.

  • Manage on-prem active directory environment and associated services like DNS, certificate services, etc.

  • Administer and support FHN Azure Identity Management platform.

  • Azure AD Administration

  • Administer and maintain the hybrid and cloud-only identities across multiple Azure AD tenants.

  • Create and maintain Conditional Access Policies.

  • Support SAML and OAuth application configurations.

  • Active Directory Security

  • Manage Group Policy Objects (GPOs).

  • Support on-prem, hybrid, and cloud identity and access management.

  • Support identity and asset lifecycle management.

  • Assist with potential compromised account investigations.

  • Create and tune DLP and AIP policies.

  • Special Data Requests

  • Handle access investigation requests as required.

  • Respond to data access and loss investigations.

  • General Administration

  • Perform troubleshooting, root cause analysis, and performance benchmarking.

  • Respond to help desk tickets.

  • Generate and distribute monthly statistical reporting.

  • Provide support for issues ranging from single-user issues to system-wide problems.

  • Assist with periodic testing of disaster preparedness for the Azure Cloud Platform, TN and TX FHN Data Centers.

  • And other assigned duties.The person in this position reports to the DCIO SICO Dist. Work hours are 8:00 AM - 5:00 PM, Monday - Friday plus on-call responsibilities as scheduled. Skills and Abilities: Knowledge of: advanced level administrative knowledge of Microsoft Active Directory, Azure Active Directory, and hybrid identities; and familiarity with creating and tuning data loss prevention policies and data classification policies. Skills in : managing and monitoring user activity and risk for on-prem, cloud only, and hybrid identities.Ability to: to create and manage on-prem, cloud only, and hybrid identities across multiple tenants either through the GUI or programmatically using PowerShell; utilize configuration management to meet the goals of security and compliance; create and manage Azure Conditional Access Policies to meet organizational access and security objectives; work efficiently and effectively with little oversight; manage a mature operation based on repeatable processes and appropriate metrics; communicate effectively with both technical and non-technical stakeholders at all levels; diagnose issues and apply appropriate trouble-shooting analysis; prepare and present facts clearly and concisely in both written and oral form; evaluate and document processes and record keeping methods; and contribute to process improvements.Minimum Education and Experience RequirementsBachelor's degree in computer science or another related information technology field and four (4) years of IT related work experience; or an equivalent combination of education and experience.Management recommends that candidates have five (5) years of directly related experience in Windows Active Directory and three (3) years of directly related experience to Azure Active Directory Administration within an enterprise environment.Management prefers candidates with:

  • experience with PowerShell tool scripting.

  • cloud services management experience, preferably Azure and AWS.

  • IAM experience within multi domain and cloud tenant environments.

  • experience writing complex search queries in response to security incidents.

  • experience configuring custom monitoring KPIs.

  • knowledge of common security standards such as PCI, FERPA, and NIST.

Benefit Highlights

  • Medical with wellness incentives, dental, and vision

  • HSA with company match

  • Maternity and parental leave

  • Tuition reimbursement

  • Mentor program

  • 401(k) with 6% match

  • More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits

Follow Us

Facebook -- facebook.com/FirstHorizonBank

Twitter -- twitter.com/FirstHorizonBnk

LinkedIn -- linkedin.com/company/first-horizon-bank

Instagram -- instagram.com/first_horizon

YouTube -- youtube.com/channel/UCEVs5OMj-b0H9Dr5Q209_-Q

Corporate Diversity Commitment:

We remain committed to creating a more equitable society, and that starts with our associates, our clients, and the communities we serve. We do this by elevating equity, providing capital and counsel, and committing to excellence in everything we do.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)