The Active Directory, Citrix Windows Platform Specialist is a senior hands-on role responsible for the design, migration, governance, and lifecycle management of core enterprise platforms Active Directory, Citrix virtualization stack, and Windows Server estate in AWS cloud environments. This role combines deep technical expertise in identity, access, and virtualization with strong operational governance for Windows infrastructure, patching, and compliance. The specialist will lead the migration of Active Directory to AWS Managed AD and Citrix to Citrix Cloud (DaaS), ensuring resilience, security, and modernization aligned with enterprise, operational, and compliance standards.
MAIN DUTIES AND RESPONSIBILITIES
- Design and manage multi-domain and forest Active Directory architecture (trusts, OU design, replication, FSMO roles) and Administer DNS, and GPOs across environments.
- Manage ADCS (PKI hierarchy) for certificates, CRL, FAS integration, and auto-enrollment and manage ADFS, Azure AD Connect, and AWS Identity Center for SSO and federation.
- Define and enforce RBAC and privileged access controls for domain admin , service accounts and implement PowerShell automation for user lifecycle, policy updates, and audit reporting.
- Conduct forest functional upgrades, domain migrations, and AD health remediations. Maintain CIS-aligned security baselines and audit readiness (ISO 27001, SOC 2).
- Lead and execute migration of on-premises AD to AWS Managed Microsoft AD with minimal business disruption.
- Manage, troubleshoot existing Citrix Virtual Apps, StoreFront, Delivery Controllers, VDAs, and Licensing Server. Setup new environments as needed.
- Setup and Maintain NetScaler (ADC) gateways configure HA, SSL offloading, load balancing, and authentication policies.
- Administer Federated Authentication Service (FAS) integrated with ADCS and Okta. Monitor performance via Citrix Director, ADM, and AWS CloudWatch and troubleshoot all citrix related issues.
- Lead the transition of Citrix Virtual Apps from self-managed to Citrix Cloud DaaS. Design and operate Citrix Cloud resource locations, connectors, and workspace configurations
- Own and govern the Windows Server environment across all business units (domain controllers, application servers, infrastructure workloads). Standardize Windows build templates for consistent deployment across environments.
- Perform capacity planning, performance optimization, and vulnerability remediation. Maintain inventory of Windows server CALs, and compliance with Microsoft licensing models.
- Ensure monitoring, alerting, and backup validation for all Windows workloads
- Develop and Responsible for Operational SOPs, Operational Ownership, recovery playbooks and change control documentation.
- Maintain runbooks for DR, including AWS snapshots, failover validation, and recovery.
- Mentor junior engineers and ensure knowledge transfer to internal teams.
- Integrate system logs with SIEM for visibility and anomaly detection. Align all environments with SOC 2, ISO 27001 and CIS frameworks.
- Design, develop and manage Active Directory and any component of Citrix Backup and Recovery.
- Optimise the usage of resources across the environments to be cost efficient.
- Plan and execute decommissioning of legacy DCs. Ensure all domain controllers and windows servers are running latest supported Windows Server versions. Perform schema and functional level upgrades
COMPETENCIES
Must have skills:
- Active Directory Core: FSMO, Trusts, Sites Services, GPO
- Identity Federation: ADFS, Azure AD Connect, Okta, AWS Identity Center, SAML/OIDC
- PKI / ADCS: Enterprise/Subordinate CA, CRL, Certificate Templates, FAS Integration
- DNS/: Split-DNS, DNS scavenging, IPAM
- Citrix Stack: Citrix Virtual Apps , StoreFront, DDC, VDA, Licensing
- Citrix Cloud / DaaS: Citrix Cloud Connector, Resource Location, Cloud Studio
- NetScaler ADC: GSLB, SSL offload, HA, SAML, authentication policies
- Windows Platform: SCCM, Systems Manager, PowerShell DSC
- Automation: PowerShell, Citrix SDK, REST API, Terraform (plus)
- Security Monitoring: CIS Baselines, SIEM , MFA, CloudWatch, ADM
Good to have/ Desired skills:
- Automation Infrastructure as Code (IaC)
- Cloud Integration Optimization
- Security Compliance Hardening
- Good communication and written skills
EDUCATION, CERTIFICATION AND EXPERIENCE
- bachelors Degree in Computer Science, Information Technology, or equivalent.
- 8 12 years hands-on experience managing Active Directory, Citrix, and Windows infrastructure.
- Proven experience leading migration to AWS Managed AD and Citrix Cloud (DaaS).
Preferred Certifications:
- Microsoft Certified: Identity and Access Administrator / Windows Server Hybrid Administrator
- Citrix Certified Professional
- AWS Certified SysOps Administrator
- ITIL Foundation
Why join us
- Operative is a technology-oriented product organization that believes in empowering its people
- We use the latest tech stack and empower our engineers to learn, work and ideate on new technologies available in the market
- We provide flexi work schedules and remote working to encourage work life balance
- We are an equal opportunities employer and recruit based on the experience and skill set.
- We offer a competitive salary and benefits package
