Job Title: Active Directory Administrator
Location: Alabang, Muntinlupa (3 times a week RTO -Hybrid)
Mode of Hiring: Contract (6 months Extendable depends on performance)
Shift: Day Shift
Job Description:
PRIMARY RESPONSIBILITIES:
Active Directory Design & Architecture
- Support and Maintenance of AD forests, domains, and organizational units (OUs)
- Planning and implementing trust relationships and replication strategies
Group Policy Management
- Creating and managing Group Policy Objects (GPOs)
- Troubleshooting GPO application issues
Authentication Protocols
- Deep knowledge of Kerberos, NTLM, and LDAP
- Implementing secure authentication and single sign-on (SSO)
AD Security and Hardening
- Securing domain controllers
- Implementing tiered administration models
- Monitoring and auditing AD activity
Backup and Disaster Recovery
- AD backup strategies and authoritative/non-authoritative restores utilizing Semperis
- Using tools like Windows Server Backup, Veeam, or Azure Backup
- PowerShell Scripting
- Automating AD tasks using PowerShell
- Writing scripts for bulk user creation, reporting, and cleanup
Cloud Integration
- Hybrid identity setups with Azure AD
- Synchronization using Azure AD Connect
Compliance and Auditing
- Ensuring AD configurations meet regulatory standards (e.g., GDPR, HIPAA)
- Using tools like Microsoft Defender for Identity or third-party SIEMS
Tools & Technologies Familiarity
- Microsoft tools: ADUC, ADSI Edit, RSAT, Azure AD, ADFS
- Third-party tools: Quest, Okta, Ping Identity, SailPoint
- Monitoring: Event Viewer, Sysmon, Splunk, ELK Stack
SECONDARY RESPONSIBILITIES:
- Windows Administration and Automation
- Participate to the search and qualification of related solutions such as monitoring/management/administration tools
- Provide monthly reports on activity, quality and performance of these System Infrastructures.
- Ensure appropriate documentation, including procedures for the Operations departments
PRIMARY TECHNICAL ABILITIES
Windows Server Administration
- Installing, configuring, and maintaining Windows Server ( 2019, 2022)
- Managing server roles and features (e.g., AD DS, DNS, DHCP)
Domain Controller Management
- Promoting/demoting domain controllers
- Managing FSMO roles and replication
- Monitoring domain controller health
Group Policy Management
- Creating and linking GPOs
- Troubleshooting GPO application issues
- Using tools like gpresult, rsop.msc, and Group Policy Management Console (GPMC)
DNS and DHCP Configuration
- Managing DNS zones and records critical to AD
- Configuring DHCP scopes and reservations
File System and Permissions
- NTFS permissions and inheritance
- Using Access Control Lists (ACLs) and auditing
User Rights Assignment and Security Policies
- Configuring local and domain security policies
- Managing rights via secpol.msc and GPOs
Patch Management and Hardening
- Applying security updates and service packs
- Disabling unnecessary services and enforcing secure configurations
Event Log Monitoring
- Using Event Viewer to audit logon events, replication issues, and policy changes
PowerShell for AD
- Automating user and group management
- Querying and modifying AD objects
- Managing GPOs and domain controllers
Task Scheduler and Scripts
- Automating routine maintenance tasks
- Running scripts for backups, cleanups, or reporting
Hybrid and Cloud Integration
- Azure AD and Windows Server Hybrid Configurations
- Managing hybrid identity with Azure AD Connect
- Understanding differences between on-prem AD and Azure AD Windows Admin Center
- Centralized management of Windows Servers and AD roles
SECONDARY TECHNICAL ABILITIES
- Knowledge on Semperis and back-up setup for Active Directory and Domain Controllers
- Good knowledge on virtualization technologies like VMWare, Microsoft Hyper-V
- Knowledge in Network configuration with Palo Alto and Cisco switches
- Experience with complex software packaging, delivery and maintenance
- Experience with configuration management tools such as Ansible, Puppet, Chef, etc.
- Experience with Docker
- Experience with DevOps environment
- Knowledge in ITIL framework
BEHAVIOR ABILITIES:
- 10 years experience in infrastructure, 5+ years of experience in Active Directory, layer 2/3 networking, and storageanalysis and troubleshooting
- Self-motivated, eager to learn in the IT profession
- Team player must be able to work with people within and outside of the IT department.
- Customer service oriented
- Excellent communication skills, verbal and written. English speaking mandatory
- Ability to analyze and synthesize situations and understand the business constraints
- Willing to do some traveling
Technical Environment:
- Microsoft Active Directory/Entra ID & Active Directory
- VMWare (Enterprise and EnterprisePlus)
- Nutanix NOS
- Hardware: Dell servers XC720, XC730, R7xx
- OS: W2K3 to W2K12R2 - Linux RHEL 5.x/6.x/7.x
- Ticketing et CMDB CA Service Desk Manager
