Serve as the technical expert and escalation point for all Active Directory-related incidents and requests.
Design, implement, and manage complex AD environments including forests, domains, trusts, and replication.
Maintain and enforce Group Policy Objects (GPOs), including creation, auditing, and lifecycle management.
Ensure the security and compliance of AD environments through regular reviews, hardening, and monitoring.
Maintaining Group Policy Objects (GPOs), including creation, testing, deployment, and documentation.
Design, manage, and troubleshoot AD Sites and Services
Plan and implement site topology, subnet mapping, replication schedules and bridgehead server configuration.
Ensure DNS and AD environments are secure. highly available and compliant.
Support hybrid identity solutions such as Azure AD Connect and ADFS.
Troubleshoot and resolve replication issues, authentication failures, and DNS-related problems.
Collaborate with InfoSec and IAM teams to implement RBAC, privileged access management, and security baselines.
Lead AD upgrades, migrations, consolidations, and DR planning.
Maintain documentation of AD infrastructure, policies, and procedures.
Mentor junior team members and provide knowledge sharing and training.
Act as Second Level Liaison between client and service provider.
Define, write, and maintain PPM (Process and Procedure Manual) for the project
Assigned special projects
Analyze systems, review and implement improvements or upgrades to enhance user experience and to prevent capacity issues
Participate in rotating On-Call schedule and assist in after-hours Monthly Maintenance
Primary Lead in training and mentoring less-experienced members of the team.
Primary Lead in assigned special projects.
Identity And Access Management Mastery
Extensive experience in designing and implementing complex identity and access management solutions, including RBAC, access governance, and privileged identity management (PIM).
Proficiency in integrating Azure AD with various Microsoft and non-Microsoft services, including Azure, Office 365, and third-party applications.
Directory Services
In-depth knowledge of directory synchronization methods, including Azure AD Connect and Azure AD Domain Services.
Experience in architecting and managing complex directory structures for multi-domain and multi-forest environments.
Scripting And Automation Skills
Proficiency in scripting and automation with PowerShell, Azure CLI, or other relevant tools for Azure AD management and reporting.
Communication And Documentation
Excellent communication skills, including the ability to communicate complex technical concepts to non-technical stakeholders.
Strong documentation skills for creating comprehensive architectural and operational documentation.
Job Requirements
Skills, Licenses, Knowledge, Education, And Training Requirements
7+ years of hands-on experience with Microsoft Active Directory in a large-scale enterprise environment.
Expertise in:
ADDS, DNS, DHCP, DFS, and GPO management
Kerberos, LDAP, NTLM, and authentication mechanisms
AD replication and health monitoring tools
Strong knowledge of Windows Server (2016/2019/2022).
Strong experience in troubleshooting AD replication and authentication across multi-site environment.
Experience with PowerShell scripting and automation for AD tasks.
Familiarity with security best practices for Active Directory.
Experience integrating AD with enterprise tools (e.g., MIM, Azure AD, ADFS, Okta, Duo).
Solid understanding of change management, ITIL processes, and incident escalation procedures.
Microsoft certifications (e.g., Microsoft Certified: Identity and Access Administrator Associate, MCSE, etc.)
Experience with hybrid cloud environments and identity federation.
Familiarity with auditing tools such as Quest Change Auditor or similar.
Knowledge of Active Directory disaster recovery and backup strategies.
Experience with DNS management tools and IPAM.
Experience supporting DNS in hybrid and cloud environments
Experience in AD disaster recovery, DNS failover, and high availability setups.
