Position: Active Directory (AD) & PKI Architect
Location: Remote
Duration: Long term contract
About the Role:
We are seeking a highly experienced Active Directory (AD) & Public Key Infrastructure (PKI) Architect to assess, design, implement, and maintain enterprise-level AD and PKI solutions for a large, complex IT environment. The ideal candidate will bring deep expertise in enterprise directory services, identity security, and certificate lifecycle management, along with proven experience leading large-scale AD/PKI modernization initiatives.
The ideal candidate will have a proven track record in managing large-scale AD forests, multi-tier domain environments, and enterprise certificate lifecycle management systems. Preference will be given to candidates with consulting engagement experience with Microsoft, Venafi, or other leading PKI/CLM vendors.
Key Responsibilities
- Assess existing AD and PKI environments, identify gaps, and develop strategic roadmaps for optimization and modernization.
- Design and architect enterprise-scale Active Directory forests, multi-tier domain environments, and certificate lifecycle management (CLM) solutions.
- Implement and maintain secure, scalable, and resilient AD and PKI infrastructures.
- Lead enterprise certificate lifecycle management (CLM) deployments, integrations, and automation.
- Collaborate with cross-functional IT, Security, and Infrastructure teams to ensure seamless integration with enterprise systems.
- Provide technical leadership, guidance, and best practices to internal teams and stakeholders.
- Ensure compliance with security, regulatory, and industry standards related to identity, authentication, and encryption.
- Support troubleshooting, performance tuning, and high-availability solutions for AD/PKI platforms.
Required Qualifications
- 10 years of hands-on experience in Active Directory architecture, administration, and migration.
- 7 years of experience in PKI architecture, deployment, and lifecycle management.
- Proven experience managing large-scale AD forests and multi-tier domain environments.
- Strong expertise in certificate authorities (CA), CRL/OCSP, HSMs, and authentication mechanisms.
- Deep knowledge of identity security, authentication protocols (Kerberos, LDAP, SAML, OIDC), and encryption standards.
- Familiarity with PowerShell scripting and automation of AD/PKI tasks.
- Experience in high-availability, disaster recovery, and performance optimization for AD/PKI.
Preferred Qualifications
- Consulting engagement experience with Microsoft, Venafi, DigiCert, Entrust, Keyfactor, or other leading PKI/CLM vendors.
- Expertise in Azure AD / Entra ID hybrid identity and cloud-integrated PKI solutions.
- Security certifications such as MCSE, CISSP, CCSP, or Microsoft Certified: Identity and Access Administrator Associate.
- Prior experience in large enterprise environments (Fortune 500, financial, healthcare, or government).
Soft Skills
- Strong communication and stakeholder management skills.
- Ability to lead technical discussions with both business and IT executives.
- Consulting experience with ability to produce high-quality technical documentation and presentations.