Systems Admin, Sr

Job Responsibilities:

• Serve as the technical expert and escalation point for all Active Directory-related incidents and requests.
• Design implement and manage complex AD environments including forests domains trusts and replication.
• Maintain and enforce Group Policy Objects (GPOs) including creation auditing and lifecycle management.
• Ensure the security and compliance of AD environments through regular reviews hardening and monitoring.
• Maintaining Group Policy Objects (GPOs) including creation testing deployment and documentation.
• Design manage and troubleshoot AD Sites and Services
• Plan and implement site topology subnet mapping replication schedules and bridgehead server configuration.
• Ensure DNS and AD environments are secure. highly available and compliant.
• Support hybrid identity solutions such as Azure AD Connect and ADFS.
• Troubleshoot and resolve replication issues authentication failures and DNS-related problems.
• Collaborate with InfoSec and IAM teams to implement RBAC privileged access management and security baselines.
• Lead AD upgrades migrations consolidations and DR planning.
• Maintain documentation of AD infrastructure policies and procedures.
• Mentor junior team members and provide knowledge sharing and training.
• Act as Second Level Liaison between client and service provider.
• Define write and maintain PPM (Process and Procedure Manual) for the project
• Assigned special projects
• Analyze systems review and implement improvements or upgrades to enhance user experience and to prevent capacity issues
• Participate in rotating On-Call schedule and assist in after-hours Monthly Maintenance
• Primary Lead in training and mentoring less-experienced members of the team.
• Primary Lead in assigned special projects.

Identity and Access Management Mastery:

• Extensive experience in designing and implementing complex identity and access management solutions including RBAC access governance and privileged identity management (PIM).
• Proficiency in integrating Azure AD with various Microsoft and non-Microsoft services including Azure Office 365 and third-party applications.

Directory Services:

• In-depth knowledge of directory synchronization methods including Azure AD Connect and Azure AD Domain Services.
• Experience in architecting and managing complex directory structures for multi-domain and multi-forest environments.

Scripting and Automation Skills:

Communication and Documentation:

Skills Licenses Knowledge Education and Training Requirements:

• 7 years of hands-on experience with Microsoft Active Directory in a large-scale enterprise environment.
• Expertise in:
  1. ADDS DNS DHCP DFS and GPO management
  2. Kerberos LDAP NTLM and authentication mechanisms
  3. AD replication and health monitoring tools
• Strong knowledge of Windows Server (2016/2019/2022).
• Strong experience in troubleshooting AD replication and authentication across multi-site environment.
• Experience with PowerShell scripting and automation for AD tasks.
• Familiarity with security best practices for Active Directory.
• Experience integrating AD with enterprise tools (e.g. MIM Azure AD ADFS Okta Duo).
• Solid understanding of change management ITIL processes and incident escalation procedures.
• Microsoft certifications (e.g. Microsoft Certified: Identity and Access Administrator Associate MCSE etc.)
• Experience with hybrid cloud environments and identity federation.
• Familiarity with auditing tools such as Quest Change Auditor or similar.
• Knowledge of Active Directory disaster recovery and backup strategies.
• Experience with DNS management tools and IPAM.
• Experience supporting DNS in hybrid and cloud environments
• Experience in AD disaster recovery DNS failover and high availability setups.