Senior Active Directory Specialist (Architect)
Description:
The Senior Active Directory Specialist is responsible for the Global design of the OT Active Directory (AD) environment for a 6 months contract period, ensuring optimal performance, security, and availability. This role plays a critical part in designing appropriate identity and access, enforcing security best practices, and supporting enterprise-wide authentication and directory services.
Key Responsibilities:
Active Directory Administration
Design the AD infrastructure, including domain controllers, DNS, DHCP, and Group Policy
Suggest processes to Monitor, troubleshoot, and optimize AD to ensure stability and performance
Identity & Access Management (IAM)
Develop IAM policies, procedures, and controls
Design mechanisms and suggest procedures for user provisioning, de-provisioning, and access control in alignment with security policies (Design)
Security & Compliance
Design AD security best practices, inline with current practices including MFA, security baselines, and privileged access management
Suggest processes to conduct security audits, patching, and vulnerability assessments.
Disaster Recovery & Backup
Design AD disaster recovery and business continuity plans
Design backup and recovery tests to ensure data integrity and availability
Scripting & Automation
Suggest PowerShell scripts to automate AD tasks such as account management and reporting
Suggest automated monitoring and alerting solutions for AD performance and security
Collaboration & Support
Work with IT teams to plan integration of AD with cloud services (e.g., Azure AD, Office 365)
Provide expert-level support for AD-related incidents and service requests
Documentation & Reporting
Maintain detailed documentation of AD architecture, policies, and procedures
Required Skills and Qualifications:
Bachelors degree in Computer Science, Information Technology, or a related field
10+ years of experience managing and administering Active Directory in enterprise environments
Expertise in Windows Server, DNS, DHCP, Group Policy, and PowerShell scripting
Experience with Azure AD, ADFS, and identity federation
Strong understanding of AD security hardening, MFA, PKI, and LDAP
Familiarity with IAM tools such as Okta, CyberArk, or similar
Excellent troubleshooting, analytical, and communication skills
Preferred Certifications:
Microsoft Certified: Identity and Access Administrator Associate
Microsoft Certified: Server Infrastructure (Must Have)
Microsoft Certified: Cloud Platform and Infrastructure (Must Have)
Microsoft Certified: Windows Server Hybrid Administrator Associate
CompTIA Security+ or CISSP (Advantageous)
Microsoft Azure Fundamentals or Azure Administrator Associate