Job Description

• 10+ years of Active Directory Architecture, migration/implementation, assessment experience
• Design, plan, and implement enterprise-level Active Directory environments, including forest and domain design, group policy objects (GPOs), OU structure, and DNS architecture.
• Enterprise App Integrations on AAD SSO
• Assess AD migration strategy and identify the target state with AD, Microsoft Entra ID or Hybrid
• Lead migration projects from legacy directory services to Active Directory, ensuring minimal disruption to business operations.
• Architect and implement security best practices within Active Directory, including role-based access control (RBAC), authentication mechanisms, and group memberships.
• Collaborate with cross-functional teams to integrate Active Directory with identity management systems, cloud services, and third-party applications.
• AD Migration expertise using Quest or similar tools
• Develop and maintain documentation, standards, and procedures related to Active Directory architecture, configuration, and operations.
• Perform capacity planning, performance tuning, and troubleshooting for Active Directory infrastructure components.
• Experience with AD Backup/Recovery solutions and security posture enhancement.
• Stay current with emerging technologies, industry trends, and security threats related to Active Directory and identity management.
• Experience with provisioning and day to day management of Directory Services, providing a stable supporting authentication and authorization infrastructure, and effectively and efficiently performing procedures to ensure services meet requirements.
• Develop, document, maintain, and continuously improve Directory Support Services in accordance with defined Policies
• Perform management and support for Directory access via Lightweight Directory Access Protocol ("LDAP") and Microsoft Identity Lifecycle Manager ("ILM")
• Ensure, monitor, and report on customer's compliance on Microsoft Active Directory, Entra id (Azure AD) and other Directory Software and tools
• Manage the customers file & print services and PKI environment and troubleshoot issues/fulfill request around File services & PKI
• Experience in provide maintenance and support for access between various identity directory domains (e.g. SAP, departments Active Directory & Cloud AD)
• Ability to review the performance and issues related to Directory Services and make recommendations to optimize or improve Directory Services and components
• Should be able to monitor the Directory Services components, provide alerts when issues are detected, and take corrective actions in a timely manner to Resolve issues
• Experience with performing availability, capacity, and performance monitoring and management of Directory Services components, and provide trend reports, and proactivity address potential issues based on trends before they impact production Execution Environments
• Experience with User Administration activities related to Microsoft Active directory
• Skilled to perform system administration activities for Active Directory (e.g., manage Active Directory objects, security group creation, group policy set up, manage group membership, perform access control on in scope components, manage files and disk space access, manage service accounts) for all in scope components in accordance with customer Policies
• Experience in managing and monitoring Active Directory replication and perform corrective actions based on manufacture best practices "
• Expertise in Azure Active Directory migrations with key AD controls.
• In-depth knowledge of Active Directory architecture, including domains, forests, trusts, replication, and site topology.
• Proficiency in PowerShell scripting for automation, configuration management, and reporting tasks.
• Experience with Active Directory Federation Services (AD FS), Azure Active Directory (AAD), and hybrid identity solutions.
• Strong understanding of directory services protocols, including LDAP, Kerberos, NTLM, and DNS.
• Experience with consolidating Domain Controllers and migrating users to SSO providers like okta or Forgerock
• Excellent communication skills with the ability to articulate complex technical concepts to non-technical stakeholders.
• Relevant certifications such as Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Identity and Access Administrator Associate, or similar credentials are a plus.