Senior Active Directory (AD) Engineer

About The Position

Requirements

• Must meet IAT Level II or III requirements.
• Common requirements include Security+ CE and a computing environment certification like Microsoft Certified: Identity and Access Administrator Associate.
• Typically 8–10+ years of experience managing large-scale, distributed AD environments, specifically within a DoD or federal context.
• Deep expertise in AD DS, ADFS (Federation Services), Azure AD Connect, and PKI (Public Key Infrastructure)/Certificate Services.

Nice To Haves

• Experience with an Active Directory environment with multiple forests in an enterprise environment, Lightweight Directory Access Protocol (LDAP) directories, Public Key Infrastructure (PKI) systems, Enterprise Identity, Credential and Access Management (e-ICAM) and enclaves.

Responsibilities

• Design and maintain the customer’s Active Directory architecture, including forest trusts, domain controllers, and site topologies to ensure seamless replication across the Network.
• Implement and support Identity, Credential, and Access Management (ICAM) solutions, including the integration of Azure Active Directory (Entra ID) for hybrid cloud environments and Office 365.
• Hardening the AD environment by applying DISA STIGs (Security Technical Implementation Guides). This includes managing the Tier Model (Tier 0, 1, 2) to prevent privilege escalation and lateral movement.
• Create, test, and manage complex Group Policy Objects (GPOs) to enforce security settings and software configurations across the enterprise.
• Develop and maintain advanced PowerShell scripts to automate routine tasks, such as bulk account provisioning, auditing, and health checks.

Benefits

• health, dental and vision insurance
• 401K with company matching
• flexible spending accounts
• paid holidays
• three weeks paid time off