Active Directory Consultant

Why this job matters

Shown on internal and external postingSection content, to edit press enter. You will be part of dynamic team who will be designing and implementing Zero Trust Security Model to improve BTs security posture. You will be having an opportunity to work on Active Directory and Microsoft Entra ID (Azure Active Directory) and various new data security and compliance capability/tools such as MDI, MDE. We are seeking a skilled and detail-oriented Active Directory professional to manage, maintain, and support our large enterprise Active Directory (AD) multi forest environment. This role is responsible for ensuring the integrity, security, and efficient operation of our AD/Entra ID infrastructure across multiple domains and environments.

You will be part of dynamic team who will be designing and implementing Zero Trust Security Model to improve BT’s security posture. You will be having an opportunity to work on Active Directory and Microsoft Entra ID (Azure Active Directory) and various new data security and compliance capability/tools such as MDI, MDE.
We are seeking a skilled and detail-oriented Active Directory professional to manage, maintain, and support our large enterprise Active Directory (AD) multi forest environment. This role is responsible for ensuring the integrity, security, and efficient operation of our AD/Entra ID infrastructure across multiple domains and environments.

Section Title: What you’ll be doing

What you’ll be doing

Shown on internal and external postingSection content, to edit press enter. • Strong knowledge of Windows Server (2016/2019/2022/2025) and Active Directory architecture. • Proficiency in Group Policy management, PowerShell scripting, and AD automation. • Experience with identity management tools (Entra ID, SailPoint, etc.) is a plus. • Manage and maintain Active Directory (AD) environment, including user accounts, groups, organizational units (OUs), group policies (GPOs), DNS, delegation, AD integrated services and trusts relation. • Configure and manage domain controllers(demote/promote), replication, and forests/domains. • Configure and manage Certificate Authority, Secure Certificate Templates Understanding of PKI Infrastructure. • Implement and enforce security policies in accordance with IT best practices and compliance standards. • Troubleshoot and resolve AD-related issues, including login problems, replication errors, and access control issues. • Plan and execute changes to AD infrastructure, including migrations, upgrades, and disaster recovery. • Collaborate with IT teams on access management, single sign-on (SSO), SailPoint and identity federation solutions. • Document AD configurations, processes, and procedures. • Improving Active Directory security posture by implementing various security controls like MDI, CrowdStrike, Qualys, and Patch deployment etc • Writing PowerShell scripts to generate various reports. • Exploring new Active Directory and Microsoft Entra ID (Azure Active Directory) Security features and help to implement it. • Detailed knowledge on Microsoft Active Directory and Entra ID (Azure Active Directory), Microsoft Entra ID Connect (AD Connect. Skills • Troubleshoot and resolve AD Connect sync issue • Knowledge of Identity Protection, Conditional Access Policy, Privileged Identity Management, SSPR and Role Based Access Control. • Expertise on various authentication protocols – Kerberos, SAML, OAUTH 2.0, OIDC • Familiarity with Microsoft Defender features – Microsoft Defender for Cloud Apps, Microsoft Defender for Identity (MDI), Microsoft Defender for Endpoint (MDE) • Ability to write required PowerShell Scrips. • Proficiency in AD backup tool like Quest RMAD. • Plan and execute Disaster Recovery for Active Directory Forest. • Proficiency in Migration tool such as ADMT, Quest Migration or other. • Configure and manage ADFS for federation service. • Learning various trending attacks / vulnerabilities and checking if we are on correct state to withstand / prevent / identify those attacks. • Microsoft certifications (e.g., MCSA, MCSE, Azure Administrator Associate). • Ability to work on Service now incidents, service request and change request. • Active Directory Security, vulnerability remediation. • Troubleshooting Active Directory issues reported by Cross Functional team, identifying root cause, and providing the solution. Experience • 6+ years of experience in Active Directory, ADCS, ADFS and Entra ID (Azure AD) administration. • Familiarity with Entra ID and various authentication protocols SAML, OAuth, Open ID, Kerberos. • Microsoft certifications (e.g., MCSA, MCSE, Azure Administrator Associate). • Basic of Linux, Networking and Virtualization.

•    Strong knowledge of Windows Server (2016/2019/2022/2025) and Active Directory architecture.
  •    Proficiency in Group Policy management, PowerShell scripting, and AD automation.•    Experience with identity management tools (Entra ID, SailPoint, etc.) is a plus.•    Manage and maintain Active Directory (AD) environment, including user accounts, groups, organizational units (OUs), group policies (GPOs), DNS, delegation, AD integrated services and trusts relation.•    Configure and manage domain controllers(demote/promote), replication, and forests/domains.•    Configure and manage Certificate Authority, Secure Certificate Templates Understanding of PKI Infrastructure.•    Implement and enforce security policies in accordance with IT best practices and compliance standards.•    Troubleshoot and resolve AD-related issues, including login problems, replication errors, and access control issues.•    Plan and execute changes to AD infrastructure, including migrations, upgrades, and disaster recovery.•    Collaborate with IT teams on access management, single sign-on (SSO), SailPoint and identity federation solutions.•    Document AD configurations, processes, and procedures.•    Improving Active Directory security posture by implementing various security controls like MDI, CrowdStrike, Qualys, and Patch deployment etc•    Writing PowerShell scripts to generate various reports.•    Exploring new Active Directory and Microsoft Entra ID (Azure Active Directory) Security features and help to implement it.
•    Detailed knowledge on Microsoft Active Directory and Entra ID (Azure Active Directory), Microsoft Entra ID Connect (AD Connect.

Skills
•    Troubleshoot and resolve AD Connect sync issue•    Knowledge of Identity Protection, Conditional Access Policy, Privileged Identity Management, SSPR and Role Based Access Control.•    Expertise on various authentication protocols – Kerberos, SAML, OAUTH 2.0, OIDC•    Familiarity with Microsoft Defender features – Microsoft Defender for Cloud Apps, Microsoft Defender for Identity (MDI), Microsoft Defender for Endpoint (MDE)•    Ability to write required PowerShell Scrips.•    Proficiency in AD backup tool like Quest RMAD.•    Plan and execute Disaster Recovery for Active Directory Forest.•    Proficiency in Migration tool such as ADMT, Quest Migration or other.•    Configure and manage ADFS for federation service.•    Learning various trending attacks / vulnerabilities and checking if we are on correct state to withstand / prevent / identify those attacks.•    Microsoft certifications (e.g., MCSA, MCSE, Azure Administrator Associate).•    Ability to work on Service now incidents, service request and change request.•    Active Directory Security, vulnerability remediation.•    Troubleshooting Active Directory issues reported by Cross Functional team, identifying root cause, and providing the solution.

Experience

•    6+ years of experience in Active Directory, ADCS, ADFS and Entra ID (Azure AD) administration.
  •    Familiarity with Entra ID and various authentication protocols SAML, OAuth, Open ID, Kerberos.•    Microsoft certifications (e.g., MCSA, MCSE, Azure Administrator Associate).•    Basic of Linux, Networking and Virtualization.