L4 Senior Active Directory Engineer Pan India Hybrid
Share
Job Location:
Monthly Salary:
Posted on:
7 hours ago
Vacancies:
1 Vacancy
Job Summary
Department: Identity & Access Management (IAM)
Domain: Cybersecurity
Employment Type: T&M
Location: Offshore India (Pan India)
Work Mode: Hybrid
Shift Timing: General Shift (9:00 AM 6:15 PM)
Interview Mode: Face-to-Face
Reporting To: Director of Digital Identity
Respond By Date: 15/01/2026
We are seeking an experienced L4 Senior Active Directory Engineer with deep expertise in Active Directory architecture security hardening and Microsofts Tiering Model. This role is the highest technical escalation point (L4) and is critical in maintaining a secure resilient and well-governed enterprise AD environment.
Key Responsibilities Active Directory Operations & Troubleshooting-
Lead L4-level troubleshooting for complex AD issues including replication DNS dependencies authentication failures and domain controller health
-
Perform advanced diagnostics using tools such as dcdiag repadmin nltest klist and related utilities
-
Drive Root Cause Analysis (RCA) for major incidents (P1/P2) and implement long-term corrective actions
-
Conduct regular AD health checks hygiene activities and operational assessments
-
Create SOPs mentor junior engineers and contribute to AD improvement initiatives (GPO cleanup DC promotion/decommissioning consolidation projects)
-
Implement and maintain Microsofts Active Directory Tiering Model
-
Partner with IAM Security teams on privilege segregation and tiered admin boundaries
-
Support Privileged Access Workstation (PAW) strategies and identity attack surface reduction
-
Review and align GPOs with corporate security baselines
-
Contribute to AD modernization initiatives (DC upgrades forest/domain redesign)
-
Support hybrid identity architectures (Azure AD / Entra ID)
-
Provide guidance on multi-site AD topology RODC deployments and secure design principles
-
Support lifecycle management capacity planning and strategic improvements
-
Act as the primary escalation point for L1 L3 AD support teams
-
Mentor junior and mid-level engineers and promote knowledge sharing
-
Collaborate with Security Network Cloud and Infrastructure teams
-
Maintain technical documentation SOPs architecture diagrams and governance materials
-
Automate AD administration using PowerShell
-
Improve monitoring alerting and operational baselines
-
Support ITIL processes (Incident Change and Problem Management)
-
10 years of hands-on Active Directory engineering experience in large enterprise environments
-
Deep expertise in AD DS DNS DHCP Sites & Services GPOs FSMO roles
-
Expert-level troubleshooting in high-severity incidents (P1/P2)
-
Strong experience implementing Microsoft AD Tiering Model
-
Experience with multi-domain multi-forest and global AD environments
-
Strong PowerShell scripting and automation skills
-
Strong understanding of Kerberos NTLM and authentication flows
-
Experience with privileged access separation and secure admin boundaries
-
Familiarity with AD security auditing and identity threat mitigation
-
Excellent communication and stakeholder management skills
-
Ability to lead calmly during critical incidents
-
Strong documentation analytical and planning skills
-
Experience with Azure AD / Entra ID ADFS Conditional Access hybrid identity
-
Exposure to PAM tools (CyberArk) and PIM
-
Microsoft Certifications (preferred):
-
Microsoft Certified: Identity and Access Administrator Associate
-
Microsoft Certified: Cybersecurity Architect Expert
-
Legacy MCSE / MCITP
-
Key Skills
- APIs
- C/C++
- Computer Graphics
- Go
- React
- Redux
- Node.js
- AWS
- Library Services
- Assembly
- GraphQL
- High Voltage
