We are seeking an experienced Active Directory / Entra ID Engineer with a strong L2/L3 infrastructure administration background. This role focuses on the design, operation, and evolution of Active Directory On-Prem services within a large-scale, distributed, and highly secured environment.
While security awareness is important, this is an infrastructure engineering role—we are looking for AD/Entra ID administrators with strong operational experience, not security analysts.
Main Responsibilities
- Administer, operate, and harden Corporate / Resources / Isolation AD forests
- Manage Domain Controllers (Windows Server 2019/2022), GPO, DNS, Sites & Services, replication
- Manage Entra ID, IAM, and AD Connect
- Support AD consolidation, DNS redesign, tiering, and securing sensitive accounts
- Automate operational tasks using advanced PowerShell (audits, provisioning, remediation)
- Contribute to AD Disaster Recovery Plan (detection, restoration, communication)
- Monitor and audit using tools like Change Auditor, EDR, and log collection
- Participate in M&A, application integration, onboarding/offboarding, and security compliance
- Maintain documentation (DAT/DEX) and contribute to AD governance
Qualifications & Experience
- L2/L3 infrastructure support experience—you have worked in operational environments handling escalations
- Active Directory Domain Services administration (DNS, GPO, PKI, ADFS)
- Entra ID / Azure AD Connect / Identity Governance experience
- Advanced PowerShell scripting for automation and remediation
- Strong understanding of security concepts: RBAC, Zero Trust, MFA, AD Tiering
- Experience with tools such as Semperis ADFR, Ranger AD, PingCastle, Microsoft 365, Defender, Graph API
- Bachelor's degree with 2–5+ years of significant AD / Entra ID experience
- Ability to work in cross-functional, global teams
- Strong documentation skills and ability to anticipate risks
- Knowledge of AD Disaster Recovery Planning (DRP) / Business Continuity Planning (BCP) preferred