Job Specifications
Role: Subject Matter Expert – Active Directory & Entra ID Services
Job Type: Onsite
Location: Los Angeles, CA
This is a W2 position.
Job Description
We are seeking a highly skilled Subject Matter Expert (SME) – Active Directory & Entra ID Services to join our global identity and access management team. The ideal candidate will possess deep technical expertise in Active Directory (AD), Entra ID (Azure AD), and related hybrid identity services, along with proven experience in service ownership, stakeholder engagement, and technical leadership.
This role will be responsible for managing day-to-day operations, driving service excellence, mentoring team members, and acting as a key point of contact for escalations, issue resolution, and stakeholder communication.
Skill / Qualifications
Bachelor’s Degree in Computer Science, Information Technology, or a related field.
10–12 years of relevant experience in Active Directory and Entra ID management, including 3–5 years in an SME or leadership role.
Strong understanding of Windows Server infrastructure, ADFS, ADCS, DNS, PKI, and IAM principles.
Proven experience managing complex multi-forest Active Directory environments.
Expertise in PowerShell scripting and automation for administrative and reporting tasks.
Demonstrated service delivery, stakeholder management, and technical leadership experience.
Excellent communication, analytical, and problem-solving skills.
Ability to manage critical incidents under pressure while maintaining service stability.
Strong collaboration and interpersonal skills.
Ability to influence cross-functional teams and stakeholders.
Proven ability to translate technical details into business-oriented communication.
Passion for continuous improvement, innovation, and knowledge sharing.
Certification Required
Preferred Certifications
Microsoft Certified: Identity and Access Administrator (SC-300)
Microsoft Certified: Azure Administrator Associate (AZ-104)
Microsoft Certified: Windows Server Hybrid Administrator Associate
ITIL Foundation Certification
Job Responsibilities
Domain & Leadership Responsibilities
Serve as the primary knowledge resource for Active Directory and Entra ID services.
Provide expert guidance on solution design, process improvement, and technical decision-making.
Partner with stakeholders to understand business challenges and deliver scalable, high-impact solutions.
Act as a trusted advisor, ensuring recommendations align with organizational goals and compliance requirements.
Participate in governance meetings, design reviews, and project discussions as a subject matter expert.
Provide validation during testing, QA, and implementation phases.
Develop and maintain detailed documentation, including SOPs, architecture diagrams, and process maps.
Build and enhance internal knowledge repositories, playbooks, and automation frameworks.
Identify and implement opportunities for process optimization, automation, and innovation.
Mentor team members to strengthen domain expertise and ensure knowledge transfer.
Work closely with offshore teams, serving as a backup for the onsite Tech Lead and covering responsibilities when required.
Technical Responsibilities
Active Directory (On-Premises)
Administer and support AD Domain Controllers, forests, and trust relationships.
Manage promotion/demotion of domain controllers and forest-level administration.
Oversee Group Policy Objects (GPOs), Sites and Services, and replication configurations.
Conduct AD health checks, database cleanup, and replication remediation.
Manage SYSVOL, Global Catalogue, FSMO roles, and Windows Time Services.
Implement and maintain AD backup, recovery, and disaster recovery (DR) procedures.
Configure and manage Certificate Services (ADCS) and Public Key Infrastructure (PKI).
Manage roaming profiles, folder redirection, and cloud storage access control (Azure Storage).
Lead domain migration and consolidation initiatives.
Ensure security hardening, compliance, and vulnerability management for domain controllers.
Entra ID / Hybrid Identity
Administer and support Entra Connect / Sync servers and synchronization rules.
Manage Azure AD roles, Administrative Units, RBAC, and Conditional Access Policies.
Oversee Application Registrations (OIDC, SAML), Dynamic Groups, and Privileged Identity Management (PIM).
Manage Service Principals, custom domains, and identity lifecycle processes.
Collaborate on integration with third-party IAM platforms such as Okta.
Automation, Documentation & Compliance
Design and implement automation solutions using PowerShell scripting for monitoring, reporting, and health checks.
Maintain up-to-date technical documentation, architecture blueprints, and SOPs.
Drive process efficiency through automation and adherence to best practices.
Support audit and compliance initiatives with accurate records and change documentation.
Prepare Root Cause Analysis (RCA) reports and Problem Management documentation for incidents.
About Us
We a