Job Specifications
Kerberos Security Consultant - SC Cleared
Whitehall Resources are currently looking for a Kerberos Security Consultant - SC Cleared on a Remote basis for an initial 6 Week contract.
*** INSIDE IR35 ***
*** MUST HOLD ACTIVE SC CLEARANCE ***
Key Responsibilities:
Active Directory Security Assessment
Conduct a detailed technical review of the Active Directory environment, focusing on domain controllers, trusts, and Privileged Access behaviours. Identify deprecated accounts and protocols and risks associated with KRBTGT accounts and delegated admin structures.
KRBTGT and Privileged Account Management
Review current management processes for the KRBTGT account and assist in safely rotating passwords in accordance with Microsoft and NCSC best practice. Analyse privileged group memberships (Domain Admins, Enterprise Admins, etc) and provide risk-based remediations.
Deprecated Protocol Review and Hardening
Identify and report on legacy or insecure protocols.
Kerberos and Authentication Hygiene
Analyse Kerberos ticket anomalies. Recommend mitigations, including key rotations and enhanced monitoring.
Azure AD and Hybrid Identity Assessment
Review Azure AD integration, synchronisations, and hybrid identity configurations. Ensure alignment with zero-trust principles and NCSC cloud security guidance.
Service and Tier-0 Asset Review
Evaluate service accounts, GOPs, and Tier-0 asset protection. Recommend controls for securing Privileged Access Workstations (PAW), Cloud Privileged Access Workstations, and implementation of Privileged Identity Management (PIM) and Privileged Access Management (PAM).
Reporting and Advisory Engagement
Provide input for summary and technical reporting, including findings, risks and remediation plans. Provide clear prioritisation for mitigations and roadmaps.
Mitigation Support
Support internal teams with implementation of password rotations, Entra configuration, changes and policy updates. Validate that changes align with best practice and NCSC guidance.
Key Deliverables:
AD/Entra Assessment Report
Document findings, mapped to Microsoft and NCSC best practice.
KRBTGT and Privileged Account management plan
Detailed plan for secret rotation, privileged account management.
Deprecated Protocol Remediation Plan
Recommendation and implementation guidance to deprecate insecure protocols and enforce authentication.
Updated Entra Baseline
Provide a hardened configuration baseline in line with Microsoft and NCSC best practice.
Risk Report
Risk report for both internal and executive stakeholders.
Essential Skills and Experience:
Advanced understanding of Microsoft Active Directory / Entra, Group Policy, Kerberos, and hybrid identity (On-Prem and Entra ID).
Strong knowledge of Privileged Access Management (PAM/PIM) and secure authentication protocols.
Standards and Frameworks
Proven experience of applying NCSC guidance and Microsoft best practice.
Security Hardening
Practical experience hardening authentication mechanisms (Kerberos, NTLMv2, LDAP signing), and implementing secure administrative practice (PAW/PIM, JiT)
Advisory Capability
Ability to engage with technical and non-technical stakeholders, translate complex findings in actionable mitigations and recommendations.
Experience with Agile methodologies & skills.
Curiosity, continuous learning and willingness to get hands-on when needed
All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.
Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
About the Company
We specialise in the provision of SAP, IT, and Data recruitment across the UK, Europe, the Middle East, and the US. You know from experience how specialist IT systems are the lifeblood of a major company. Essential for efficiency, economy, and stronger results across the board, you need those systems to run smoothly and evolve with your business.
So make it happen with a recruiter who provides you with the very best IT specialists - every time and at the shortest notice.
Contact our teams via:
UK
T: +44 (0)1206 212101
E:...
Know more