Solution Architect – Active Directory & Identity and Access Management (IAM)

Solution IT Inc. is looking for Solution Architect Active Directory & Identity and Access Management (IAM) for one of its clients in Princeton NJ - Remote

Role Overview

The Solution Architect AD & IAM will be responsible for defining identity architecture leading Active Directory and cloud identity migrations and implementing secure scalable IAM solutions aligned with business and compliance requirements. The role involves close collaboration with clients delivery teams security and infrastructure stakeholders to ensure robust identity governance and authentication frameworks.

Key Responsibilities

• Architect design and govern enterprise Active Directory (AD) and IAM solutions across on premises hybrid and cloud environments
• Lead Active Directory modernization and migration initiatives including forest/domain consolidation tenant-to-tenant migrations and legacy AD decommissioning
• Define and implement Microsoft 365 identity architectures supporting:
• Exchange Online
• OneDrive
• SharePoint Online
• Microsoft Teams
• Design and manage Azure Entra ID (Azure AD) solutions including:
• Hybrid identity using AAD Connect
• Directory synchronization and federation
• Conditional Access and identity protection policies
• Drive Identity Governance & Administration (IGA) frameworks:
• Joiner-Mover-Leaver (JML) processes
• Automated access provisioning and deprovisioning
• Role Based Access Control (RBAC)
• Lead Single Sign On (SSO) and application identity integrations using:
• SAML
• OAuth
• OpenID Connect
• Architect secure authentication and authorization mechanisms including:
• Kerberos (including double hop scenarios)
• NTLM
• AES encryption and exception handling
• Establish and enforce Active Directory security and hardening standards including:
• Group Policy Object (GPO) design and governance
• Tiered administration models
• Privileged Access Management (PAM)
• Design and manage Public Key Infrastructure (PKI) and Certificate Authority (CA) solutions
• Provide architectural oversight for Windows Server platforms including:
• OS level troubleshooting
• Patch management
• Software deployment
• Act as a trusted advisor to clients contributing to solution design estimations technical proposals and roadmaps
• Review and validate solution designs ensuring alignment with security compliance and enterprise standards

Required Skills & Expertise

• Deep expertise in On-Premises Active Directory architecture administration and security
• Strong hands-on experience with AD migrations and modernization projects
• Proven experience with Microsoft 365 migrations and identity integration
• Strong working knowledge of Azure Entra ID (Azure AD) and hybrid identity models

• Solid understanding of IAM IGA and access governance frameworks
• Extensive experience with SSO protocols and identity federation
• Strong background in authentication protocols and directory security
• Experience with PKI certificates and CA management
• Strong Windows Server administration and troubleshooting skills

Good to Have

• Experience leading large-scale enterprise or multi-tenant identity programs
• Client facing solutioning or pre sales experience
• Exposure to zero trust identity architectures
• Relevant certifications (Microsoft IAM Security)

Work Site: Princeton NJ Remote

Duration: 6 Months

Expected Start Date: Immediate

Number of Positions: 1

Please send your responses back to

About Solution IT

Solution IT is a national IT consulting company specializing in: Technology Staffing and Oracle E-Business Solutions based in Boston Massachusetts.

Thanks
Recruiting Team

SOLUTION IT INC
Work: / Extn 143 / 146

URL:

Confidentiality Notice: The material in this e-mail is intended only for the use of the individual to whom it is addressed and may contain information that is confidential privileged and exempt from disclosure under applicable law. If you are not the intended recipient(s) be advised that the unauthorized use disclosure copying distribution or the taking of any action in reliance on this information is strictly prohibited. If you have received this e-mail in error please immediately contact the sender by reply email and destroy all copies of the original message. Thank you.

Under Bill s.1618 Title III passed by the 105th U.S. Congress this mail cannot be considered as spam as long as we include contact information and a remove link for removal from our mailing order to not be in the recipients-list for this mail please reply to us with REMOVE either in the subject or in the mail body. Please include all pertinent email addresses. Our apologies for any inconveniences caused by this mail.