Job Specifications
Job Title: Senior Active Directory (On-prem) Engineer
Location: Charlotte, NC | Chandler, AZ | Dallas, TX | Iselin, NJ
Job Summary –
We are seeking a highly skilled Senior Active Directory Engineer to design, implement, secure, and maintain our enterprise Active Directory (AD) and related identity services. The ideal candidate will have deep technical expertise in Active Directory, Azure AD, and identity federation technologies, along with strong troubleshooting, automation, and security skills. This role is critical to ensure a robust, scalable, and secure identity infrastructure for our global organization.
Years of experience needed –
8+ years of experience in On-Prem Active Directory
Key Responsibilities:
· Architecture & Design:
Lead the design, implementation, and enhancement of enterprise Active Directory, Azure AD, and hybrid identity solutions.
Develop and maintain AD Group Policies, OU structure, replication, and DNS/DHCP integration.
· Operations & Support:
Provide tier-3 engineering support for AD, ADFS, Azure AD Connect, and identity-related issues.
Monitor, troubleshoot, and optimize AD replication, authentication, and authorization processes.
Manage enterprise PKI, certificate services, and secure LDAP.
· Security & Compliance:
Implement and enforce security best practices for AD, privileged access management (PAM), and conditional access.
Partner with security teams to conduct audits, vulnerability assessments, and remediation activities.
Ensure compliance with regulatory standards (SOX, HIPAA, GDPR, etc.) as applicable.
· Automation & Innovation:
Develop automation scripts and tools (PowerShell, Python, etc.) for AD administration and reporting.
Drive adoption of modern identity technologies, Zero Trust principles, and cloud-based IAM services.
· Collaboration:
Work closely with IT Security, Cloud, and Application teams on integrations, migrations, and upgrades.
Provide mentorship to junior engineers and contribute to knowledge-sharing initiatives.
Education & Experience:
Bachelor’s degree in computer science, Information Technology, or related field (or equivalent experience).
7+ years of hands-on experience with Active Directory in enterprise environments.
Strong experience with Azure AD, ADFS, Azure AD Connect, Conditional Access, and SSO/Federation.
Experience with Windows Server (2016/2019/2022), DNS, DHCP, and PKI.
· Technical Skills:
Expert in PowerShell scripting and automation.
Knowledge of Group Policy Management, Kerberos, LDAP, NTLM, and authentication protocols.
Familiarity with identity security frameworks (Zero Trust, PAM, MFA).
Experience with cloud integrations (Microsoft 365, SaaS apps, SAML, OAuth, SCIM).
· Preferred:
Microsoft Certified: Identity and Access Administrator Associate or similar certifications.
Experience with Okta, Ping, or other IAM platforms a plus.
Strong background in cybersecurity, incident response, and directory security hardening.
· Key Competencies:
Strong analytical and problem-solving skills.
Excellent written and verbal communication.
Ability to lead projects and work independently with minimal supervision.
High attention to detail and commitment to operational excellence.