Active Directory Administrator

Job Summary

We are seeking a highly skilled Active Directory & Entra ID Administrator to manage and support our hybrid identity infrastructure across on-premises and cloud environments. The ideal candidate will have deep expertise in Active Directory (AD), Azure Entra ID (formerly Azure AD), identity federation (ADFS/AD Connect), and certificate services, along with proven experience automating and securing enterprise identity ecosystems through PowerShell and best-in-class IAM practices.

Key Responsibilities

Active Directory Administration Manage and maintain complex AD environments, including forests, domains, trusts, replication, and DNS integration. Monitor domain controller health, replication, and secure channel integrity across global sites. Implement and manage Group Policies, organizational units (OUs), FSMO roles, and delegations. Harden AD security with robust auditing, privileged access controls, and fine-grained password policies. Hybrid Identity & Entra ID Administer and manage hybrid identity synchronization using Azure AD Connect and ADFS. Implement and maintain MFA, Conditional Access, and SSO (Single Sign-On) policies across hybrid identity systems. Support Entra ID lifecycle operations: user provisioning, role assignments, app registration, and service principals. Collaborate with cloud teams to align on Zero Trust, Identity Protection, and Access Governance. Infrastructure & Security Components Configure and manage Public Key Infrastructure (PKI), including enterprise CAs, CRLs, and certificate templates. Manage DFS, FTP, and file access permissions with adherence to least privilege principles. Support and troubleshoot identity federation services and SSL/TLS certificate renewals. Participate in DR planning and execute Active Directory backup & recovery strategies (native and third-party tools). Automation & Documentation Develop PowerShell scripts to automate user lifecycle, group management, and security reporting. Prepare and maintain High-Level (HLD) and Low-Level Design (LLD) documents for all identity components. Conduct periodic architecture and security reviews to ensure scalability, compliance, and operational excellence. Contribute to continuous improvement and standardization of IAM processes and runbooks.

Required Skills & Qualifications

3+ years of hands-on experience managing Active Directory and related identity services in enterprise environments. Expertise in ADDS, ADFS, AD Connect, DFS, PKI, and FTP configuration and troubleshooting. Strong experience with Azure Entra ID / Azure AD, Conditional Access, and Hybrid Identity models. Deep understanding of IAM principles, privileged access, and certificate/key management. Proficiency in PowerShell scripting for automation, reporting, and delegated administration. Ability to design and review HLD/LLD documentation and architecture blueprints. Excellent analytical, troubleshooting, and communication skills.

Preferred Qualifications

Microsoft certifications such as SC-300 (Identity and Access Administrator), AZ-104 (Azure Administrator), or MS-100 (Microsoft 365 Identity and Services). Experience integrating third-party IAM solutions (e.G., Okta, CyberArk, or SailPoint). Knowledge of Azure Policy, RBAC, and Conditional Access Templates. Familiarity with enterprise compliance frameworks (ISO 27001, NIST, CIS). Exposure to Disaster Recovery, Rubrik/Veeam AD backup, or Forest Recovery planning.

Soft Skills

Strong ownership and accountability in production environments. Excellent documentation, collaboration, and stakeholder communication skills. Ability to manage multiple priorities in a global, fast-paced IT environment. Proactive mindset with focus on automation, optimization, and security.