Active Directory Engineer

About The Position

Requirements

• Strong hands-on experience managing Microsoft Active Directory within large-scale enterprise environments.
• Proven experience implementing fixes and maintenance activities for domain controllers, including patching, security hardening, and production configuration changes.
• Solid understanding of Active Directory security concepts, delegation strategies, and privileged access management.
• Experience supporting Active Directory within a broader Identity and Access Management (IAM) framework.
• Strong troubleshooting abilities across authentication, replication, DNS, account provisioning, and access-related issues.
• Effective written and verbal communication skills with experience operating in regulated or audit-focused environments.

Nice To Haves

• Experience integrating Active Directory with identity governance or privileged access management solutions.
• Familiarity with endpoint privilege management and local administrator access models driven through Active Directory group policies or memberships.
• Experience supporting enterprise Active Directory environments spanning multiple domains, regions, or global infrastructures.

Responsibilities

• Design, administer, secure, and support Active Directory forests, domains, trusts, organizational units, Group Policy Objects (GPOs), and domain controllers.
• Develop, test, and implement remediation efforts for domain controllers, including operating system patching, security hardening, configuration updates, and resolution of replication or performance issues.
• Support user identity lifecycle processes (joiner, mover, leaver) by provisioning, updating, and deactivating Active Directory accounts and security groups through integrated IAM workflows.
• Build and maintain role-based and group-based access structures that align with governance standards and least-privilege access principles.
• Collaborate with IAM and PAM teams to support privileged access strategies, delegated administration models, and administrative security group management.
• Monitor and troubleshoot Active Directory environments, addressing issues related to authentication, replication, DNS, domain controller health, and account access incidents.
• Support integrations between Active Directory and identity governance, authentication, certification, and access request platforms.
• Create and maintain operational procedures, standards, runbooks, and technical documentation related to Active Directory administration and domain controller management.
• Participate in change management activities, audit support, incident response, and ongoing improvement initiatives aligned with security and IAM objectives.