Microsoft Azure Active Directory Architect / Admin

at Cygnus Professionals
Published September 18, 2022
Location Framingham, MA
Category All  
Job Type Full-Time  

Description

Active Directory Architect

This role requires an in-depth knowledge of the Active Directory, Domain controllers, Azure Cloud, and a proficiency in PowerShell scripting. The candidate must have demonstrated prior and active experience in managing multi-domain issues. The candidate will be supporting a demerger of an Enterprise and creating a NEWCOMPANY with  new domain names and active directory.

The successful candidate will be a self-starter, someone who can work independently, and will be flexible in a fast-paced environment.

Responsibilities

  • Applies advanced subject matter knowledge to solve complex business issues and is regarded as a subject matter expert.
  • Frequently contributes to the development of new ideas and methods. Works on complex problems where analysis of situations or data requires an in-depth evaluation of multiple factors.
  • Acts as an expert providing direction and guidance to process improvements and establishing policies.
  • Independently implements end-user or enterprise infrastructure or services of significant complexity.
  • Create and document detailed guides and tracking documents - for clients to leverage as part of Active Directory hardening and overall infrastructure enhancements.
  • Tier 3 level troubleshooting including diagnosing complex replication and multi domain issues.
  • Develop standards, target states, roadmaps, effectively communicating and obtaining consensus across architecture, engineering, and operations teams

Qualifications

Required Education & Experience

  • Bachelor's degree with 10+ years of recent system engineering experience. Additional training and experience may be substituted in lieu of a degree.
  • Expert knowledge administering AD, AAD and ADFS in hybrid environments
  • Expert knowledge administering AD and AAD support services such as AAD Conditional Access Policies, AAD Self-Service Password Reset (SSPR), AAD Connect and Windows Server DNS
  • Expert knowledge designing, testing, deploying and maintaining Active Directory Group Policy (GPO) for the purpose of securing Domain Controllers, Domain Member Servers and Domain Member Workstations
  • Expert analyzing security risks with proposed changed to AD, AAD, ADFS, AZAP, Domain Controllers, GPOs, etc. and providing an understandable summary of those risks to management for proper implementation decisions
  • Experience administering multiple AD forests with forest trusts.
  • Knowledge of third-party AD support services such as Quest Active Roles, Quest Change Auditor for AD
  • Knowledge of Microsoft Identity Manager
  • Knowledge on configuring, deploying and onboarding applications for remote access via AZAP, including the use of Kerberos constrained delegation (KCD) for Single Sign On.
  • Must have a deep and thorough understanding of monitoring best practices,
  • Extensive experience with infrastructure and server theories, principles, and concepts; application infrastructure and standards; networking fundamentals
  • Experience translating technical issues into understandable business language for end-users
  • Experience working with cyber security teams to actively update AAD conditional access policy and AD Group Policies as determined by cyber threats and operational requirements
  • Knowledge of Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) - as it pertains to Enterprise Domain design and support
  • Experience as a subject matter expert (SME) Senior Active Directory System Engineer or Architect in a large AD environment with the proven ability to coordinate technical efforts and resolve issues across multiple teams.
  • Strong working knowledge of Windows 2016 and 2019 Member Servers and Domain Controller operating systems platforms, DNS, networks, DMZs, network security zones
  • PowerShell scripting experience and capabilities
  • Expert knowledge of ADDS, ADFS, Azure AD and Windows Server Operating Systems 2016 & up.
  • Hands-on expertise with Azure AD Connect and AD Cloud SaaS.

- provided by Dice

Only registered members can apply for jobs.