Active Directory / Entra ID Engineer

Responsibilities:

Conduct high level project design and create project charters

Review global directory services disaster recovery plans for gaps and define next steps

Engineer, deploy, operationalize, maintain, and support tools associated with AD & Entra ID

Contribute to the engineering and support of AD & Entra ID as needed

Communicate service enhancements and operational efficiency directions, features and roadmaps aligned to the roadmap

Providing technical leadership to others with less knowledge or experience

Liaise with, train, and support operational teams

Assist in technology evaluations and guiding proof of concepts

Participate in solution design discussions. Architect and assist in engineering global AD domain consolidation project(s)

Required Skills

Senior and experienced AD and Entra ID Engineer (5-7 years) with Large, Global Enterprise Experience

5+ years’ experience in directory services engineering

Good understanding of AD / Entra ID Security

AD Support: Extensive experience in supporting and troubleshooting on-prem Active Directory services (Authentication, DFS, GPO, LDAP)

AD Security: Good understanding of AD security, vulnerabilities, and common safeguards

Tier-0 Security: Specific understanding of Tier-0 and identifying its security boundaries

Domain Consolidation: Experience or enhanced understanding of consolidating a large enterprise AD forest

Cloud Interface: Familiar working with the AWS EC2 and Azure environments to build and support services

Tool Development: Experience performing POC testing and driving deployment of AD service-related tools

Customer Focus: Ability to work with application owners to troubleshoot AD service and integration issues

Documentation: Ability to author, review, and edit technical documents at an Engineering and Operational level

Presentation and Training: Ability to conduct knowledge transfer sessions to Engineering and Operations

Making Recommendations: Seek and recommend improvements on existing AD architecture, provide recommendations to improve IT systems

Experience with assisting in creating of Identity and Access Management (IAM) roadmaps for global directory services

Understanding of modern authentication (OIDC, SAML, Kerberos, etc.)

Understanding of Role-Based Access Control (RBAC), Policy-Based Access Control (PBAC) and Attribute-Based Access Control (ABAC)

Experience with privileged access management for administering directory services

Experience developing solution and system architecture

Understanding of use of machine learning (and exposure to AI) for technology evaluations and enhancement