What are the responsibilities and job description for the Quest ARS Engineer IV position at Kforce Inc?
Responsibilities
Kforce has a client that is seeking a Quest ARS Engineer IV in Nashville, TN. Key Responsibilities: Design & Architecture:
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Kforce has a client that is seeking a Quest ARS Engineer IV in Nashville, TN. Key Responsibilities: Design & Architecture:
- Architect and deploy Quest Active Roles Server solutions for large-scale, hybrid identity environments
- Define and implement ARS architecture, including Administration Service, Web Interface, and AD LDS configuration store
- Develop high-availability and disaster recovery strategies for ARS and supporting infrastructure
- Configure and manage Role-Based Access Control (RBAC), Access Templates, and Managed Units for delegated administration
- Build and maintain policy-based workflows for user provisioning, deprovisioning, and approval processes
- Implement automation for M365 license assignment, group management, and mailbox provisioning using ARS policies and PowerShell scripts
- Integrate ARS with Active Directory, Entra ID, and Microsoft 365 services
- Customize ARS using PowerShell scripting, event handlers, and API integrations to meet business requirements
- Collaborate with ITSM and HR systems for automated joiner/mover/leaver processes
- Enforce least-privilege delegation and separation of duties through ARS RBAC
- Implement auditing and reporting for compliance with regulatory standards (SOX, HIPAA, etc.)
- Ensure secure connectivity, certificate management, and MFA/SSO integration for ARS Web Interface
- Looking for someone with deep experience designing, implementing, and supporting ARS to manage Active Directory (AD), Microsoft 365 (M365), and Entra ID (Azure AD) in hybrid environments
- Expert knowledge of ARS architecture, RBAC, Access Templates, and workflow automation
- Strong background in Microsoft Active Directory design and support
- Experience with hybrid identity, directory synchronization, and M365/Entra ID integration
- Ability to customize ARS using PowerShell, event handlers, and API integrations
- Solid understanding of security, compliance, and least-privilege delegation
- Architecture, deployment, and configuration in enterprise environments
- RBAC design, Access Templates, Managed Units, and workflow automation
- Customization using PowerShell, event handlers, and API integrations
- Multi-domain/forest design, GPOs, OU structure, and security delegation
- Hybrid identity and directory synchronization (AD; Entra ID)
- Microsoft 365 integration (Exchange Online, Teams, Groups, license management)
- Security and compliance best practices for identity management
- PowerShell scripting for automation
- High availability and disaster recovery for ARS and supporting components
- SSO/MFA integration (e.g., Entra ID Conditional Access, Okta)
- Experience with ITSM integrations (e.g., ServiceNow) and HR-driven provisioning
- Familiarity with REST APIs and modern identity governance frameworks
- Knowledge of PKI, certificate lifecycle management, and secure credential handling
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Salary : $75 - $85