Key Responsibilities

Active Directory Administration and Support

Implement and manage Active Directory (AD) on Windows Server 2019 and newer versions. Administer and troubleshoot AD topology, replication, and core components. Execute domain migration and consolidation for large-scale enterprise environments. Design and implement robust domain controller placement for disaster recovery scenarios and perform metadata cleanup. Administer AD-integrated DNS, including migration, consolidation, zone management, SRV records, conditional forwarders, root hints, and scavenging procedures. Implement, and manage Group Policy Objects (GPOs) and Group Policy Preferences (GPPs). Configure and troubleshoot various trust relationships between domains. Manage authentication protocols and procedures for user and workstation authentication. Remediate security vulnerabilities identified by risk assessment programs. 

 

Identity and Access Management

Manage and maintain Active Directory Federation Services (ADFS), Entra ID Connect, and Active Directory Certificate Services (AD CS). Administer Entra ID environments, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), Privileged Identity Management (PIM), and Self-Service Password Reset (SSPR). Troubleshoot issues related to MFA, application SSO, and other identity services. Architect and implement application federations with Entra ID to enable seamless authentication and authorization for SaaS, third-party, and multi-tenant applications. Manage the end-to-end lifecycle of application registrations within Entra ID, including managing application credentials, permissions, and manifest configurations. Configure and optimize Entra ID sign-in flows for various application types (e.g., web, SPA) to ensure a secure and compliant user authentication experience. Integrate line-of-business applications and other enterprise applications with Entra ID to centralize identity management and control access.  Perform server security hardening, including patching, and TLS encryption implementation. Develop and implement security policies across the server infrastructure. Create PowerShell scripts to automate various administrative tasks.

 

Required Qualifications

Proven experience as an Active Directory and Identity Platform Engineer in an enterprise environment. Deep expertise in Windows Server administration, Active Directory, DNS, and GPO management. Extensive hands-on experience with Entra ID (formerly Azure AD), including Entra ID Connect, ADFS, MFA, SSO, PIM, and Conditional Access Policies. Proficiency in PowerShell scripting for automation and administration. Excellent troubleshooting, problem-solving, and communication skills. Strong understanding of security best practices related to identity and access management. Experience in a project lead or senior technical role.