Active Directory Consultant
Share
Job Location:
Houston, MS - USA
Monthly Salary:
Not Disclosed
Posted on:
4 hours ago
Vacancies:
1 Vacancy
Job Summary
Role: Active Directory Consultant
Location: Housto TX ( Hybrid)
Duration: 12 month
INSERT JOB DESCRIPTION HERE
Our client is seeking a Senior Active Directory Consultant to lead the conversion from an Entra ID-only environment to a secure hybrid Active Directory (AD) integrated model.
A strong understanding of Privileged Access Management (PAM) and its integration with Active Directory is critical. Experience with CyberArk is highly desirable.
Key Responsibilities
Architecture & Design
- Lead the design and implementation of a Hybrid AD architecture (Entra ID Hybrid AD Integrated).
- Design a security-hardened AD forest and domain architecture.
- Implement modern security controls:
- Disable NTLM SMB1 and other legacy protocols.
- Enforce modern cryptography standards.
- Design and implement:
- Active Directory Certificate Services (PKI)
- AD-enabled DNS services with Azure DNS integration
- Secure Group Policy baseline design
- AD auditing toolsets
- Design AD hosted in Azure VMs with Read-Only Domain Controllers (RODCs) on-premises.
- Develop a backup and disaster recovery strategy for AD.
Migration & Integration
- Lead workstation and server migration from Entra Joined to Hybrid Joined.
- Oversee integration of PAM solutions with AD.
- Integrate AD with CyberArk PAM (nice to have but highly valued).
- Ensure secure integration between Azure AD (Entra ID) and on-premises infrastructure.
Security & Governance
- Ensure AD is secure resilient and compliant with modern best practices.
- Provide direction on privileged access management design.
- Deliver clear documentation security validation and roadmap articulation.
- Provide strong technical leadership direction and constructive feedback.
Required Experience & Qualifications
- Proven success leading Hybrid AD transformation projects.
- Deep expertise in:
- Active Directory (Forest/Domain design)
- Entra ID (Azure AD)
- Hybrid identity integration
- PAM integration with AD
- Strong knowledge of:
- PKI / AD Certificate Services
- Azure VM-hosted domain controllers
- DNS architecture (AD-integrated & Azure DNS)
- Secure Group Policy design
- AD auditing and logging tools
- Experience implementing least-privilege models and administrative segmentation.
- Strong understanding of disabling legacy authentication protocols.
- Experience with backup and AD recovery strategies.
- CyberArk experience (preferred).
Professional Profile
- 8 12 years of AD/Identity experience.
- Prior success converting to hybrid identity environments.
- Self-starter with strong project ownership mindset.
- Highly focused and execution-driven.
- Strong communicator capable of articulating technical roadmaps and security decisions.
- Confident leader able to provide direction and ensure AD security posture.
Nice to Have
- CyberArk PAM implementation experience.
- Experience in Azure-first or cloud modernization initiatives.
Key Skills
- Sales Experience
- Direct Sales
- Hyperion
- Financial Services
- Financial Concepts
- Banking
- Oracle EBS
- Securities Law
- Peoplesoft
- Oracle
- Financial Management
- Workday
