Active Directory Engineer
Job Location:
Clinton, UT - USA
Monthly Salary:
Not Disclosed
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
Job Title: Active Directory Engineer
Location: Clinton, NJ
Duration: Full Time
Job Description
The L2 Engineer for On-Premises and Azure Active Directory is responsible for maintaining the stability, performance, and security of enterprise directory services. This includes troubleshooting complex issues, implementing enhancements, and supporting seamless integration between on-prem AD and Azure AD. The role also requires proactive involvement in security hardening, lifecycle management, automation, and supporting a hybrid cloud infrastructure.
Key Responsibilities:
1. Active Directory (On-Premises):
Design and Maintenance:
Architect and manage multi-domain, multi-forest Active Directory environments.
Perform schema extensions and manage replication across sites.
Plan and execute AD migrations, upgrades, and domain consolidations.
Configuration and Optimization:
Configure and optimize Group Policy Objects (GPOs) for user and device management.
Manage trusts, sites, and services to ensure optimal directory performance.
Security:
Implement security measures such as access controls, auditing, and logging.
Regularly perform AD security assessments using tools like ADAudit, PingCastle, or BloodHound.
Address vulnerabilities identified through audits and penetration tests.
Troubleshooting:
Diagnose and resolve advanced AD issues related to authentication, replication, and performance.
Support complex Kerberos and NTLM authentication scenarios.
2. Azure Active Directory (AAD):
Integration and Management:
Deploy and configure Azure AD Connect for hybrid identity scenarios.
Ensure seamless synchronization of on-prem AD with Azure AD, managing attributes and custom rules.
Implement conditional access policies, Multi-Factor Authentication (MFA), and Privileged Identity Management (PIM).
Applications and SSO:
Integrate enterprise applications with Azure AD for Single Sign-On (SSO).
Manage OAuth, OpenID Connect, and SAML integrations for third-party services.
Identity Protection:
Configure Azure AD Identity Protection to monitor suspicious activity.
Investigate alerts and take corrective actions for compromised accounts.
3. Automation & Scripting:
Develop PowerShell scripts for bulk user management, auditing, and system automation.
Create and maintain Infrastructure as Code (IaC) templates for Azure AD resources using ARM, Terraform, or Bicep.
4. Monitoring & Reporting:
Use monitoring tools like Azure Monitor, Sentinel, or on-prem solutions to track system health and generate compliance reports.
Implement alerting mechanisms for unauthorized access attempts, account lockouts, or replication failures.
5. Collaboration & Documentation:
Work closely with other IT teams, including network, cloud, and security, to support initiatives.
Maintain detailed documentation for all configurations, processes, and troubleshooting guides.
Required Qualifications:
Expert-level knowledge of Microsoft Active Directory (2008 R2, 2012 R).
In-depth experience with Azure Active Directory and hybrid identity management.
Strong understanding of LDAP, Kerberos, DNS, and networking fundamentals.
Proficiency in PowerShell and experience with automation tools.
Familiarity with security tools like Azure Sentinel, Defender for Identity, or equivalent.
Certifications (Preferred):
Microsoft Certified: Identity and Access Administrator Associate.
Microsoft Certified: Azure Solutions Architect Expert.
CompTIA Security or CISSP (for security-focused roles).
Soft Skills:
Analytical thinking with excellent problem-solving abilities.
Ability to work independently and in cross-functional teams.
Effective communication skills for technical and non-technical stakeholders.
Additional Responsibilities (Optional):
Participate in disaster recovery and business continuity planning.
Assist in planning Zero Trust Architecture strategies.
Contribute to Identity Governance and Administration (IGA) initiatives.
This role typically requires 5 years of experience in identity management or related IT fields. The job may also involve being part of an on-call rotation for critical incident support.