Role: Senior Windows & Active Directory Engineer (Identity & Infrastructure Support)

Location: USA, remote

1 Position

JD

Role Summary

We are seeking a highly skilled Senior Windows & Active Directory Engineer to provide Tier 3 operational support and engineering expertise across Active Directory Domain Services, Group Policy, and Identity lifecycle management. This role will serve as the primary escalation point for complex AD/Windows Server issues, including support for in-flight Domain Controller (DC) migrations and identity governance solutions such as SailPoint IdentityNow and Microsoft Identity Manager (MIM).

In addition, the role will provide secondary support for AWS (EC2, RDS) environments and medium-level support for VMware virtualization platforms.

Key Responsibilities

• Primary Support (Required)

Active Directory Domain Administration

Provide Tier 3 support for Active Directory Domain Services (AD DS) including replication, DNS integration, authentication/authorization, trusts, sites/services, and domain health monitoring.

Support and troubleshoot in-flight Domain Controller migrations (e.g., OS upgrades, domain functional level changes, DC build/decommission, replication cutovers).

Administer and troubleshoot Group Policy Objects (GPOs) including policy design, deployment, conflict resolution, and impact analysis.

Lead root cause analysis (RCA) for AD incidents and develop preventive measures and standard operating procedures.

Identity & Group Management / Identity Lifecycle

Administer and support identity lifecycle processes: joiner/mover/leaver workflows, access provisioning/deprovisioning, role/group assignments, and entitlement reviews.

Provide operational support and troubleshooting for identity platforms such as:

SailPoint IdentityNow (Identity Governance/IGA)

Microsoft Identity Manager (MIM) (sync rules, connectors/agents, workflows, and service components)

Resolve complex issues involving identity sync, account correlation, group/role governance, and downstream application provisioning.

Microsoft Windows Server (2012 R2 - 2025)

Provide Tier 3 support for Windows Server platforms, including patching/servicing, performance tuning, event log analysis, and recovery.

Troubleshoot server-side authentication issues (Kerberos/NTLM), certificate-related issues, and platform reliability concerns.

Contribute to server lifecycle management, hardening, and operational standards.

• Secondary Support (High)

AWS (EC2, RDS)

Support and troubleshoot AWS infrastructure components with a focus on EC2 compute instances and RDS database services.

Assist with incident resolution involving connectivity, IAM permissions, security groups, patching, backup/restore, and monitoring alarms.

Partner with cloud/platform teams to implement operational improvements and documentation.

Secondary Support (Medium)

VMware

Provide support for VMware environments (vSphere/ESXi), including VM lifecycle, basic performance troubleshooting, snapshots, and guest-level integration issues.

Collaborate with virtualization teams on capacity, operational stability, and incident response.

Required Qualifications

Strong hands-on experience in Active Directory Domain Administration in an enterprise environment.

Proven Tier 3 troubleshooting capability for GPO, replication, authentication issues, and domain services.

Demonstrated experience with Identity lifecycle management and enterprise IAM/IGA platforms:

• SailPoint IdentityNow
• Microsoft Identity Manager (MIM)

Extensive experience supporting Microsoft Windows Server (2012 R2 through 2025).

Strong documentation, incident management, and RCA skills.

Preferred Qualifications (Nice to Have)

Working knowledge of AWS EC2 and RDS operations and troubleshooting.

Familiarity with VMware vSphere/ESXi administration and support.

Experience supporting DC migration programs, modernization initiatives, or hybrid identity environments.

Scripting/automation skills (PowerShell strongly preferred) for operational efficiency.

ITIL familiarity (Incident, Problem, Change processes) and experience working in enterprise support models.

Core Competencies

Tier 3 troubleshooting mindset; strong analytical and diagnostic ability

Clear written and verbal communication; ability to explain complex issues to technical and non-technical stakeholders

Ownership, prioritization, and ability to operate in high-severity incidents

Strong collaboration across Identity, Security, Cloud, Network, and Application teams

Success Measures (What "Good" Looks Like)

Reduced recurring AD/Identity incidents through effective RCA and prevention

Improved reliability and performance of AD and Windows Server environments

Timely resolution of Tier 3 escalations with high customer satisfaction

Clear documentation and repeatable operational procedures

Effective cross-team coordination during migrations and major incidents

Hours/Coverage:

Primary working hours need to be Eastern (7am-4pm, 8am-5pm, 9am-6pm). On-call for high-severity issues. (40h per week)