Job
Description
Responsibilities: Advanced Active Directory Management: Provide expert-level administration, maintenance, and optimization of complex on-premises Active Directory environments, including multi-domain forests, trusts, replication, schema management, and advanced group policy configuration. Entra ID (Azure AD) Expertise: Architect, implement, and manage comprehensive cloud-based identity and access management solutions using Entra ID, including user and group provisioning, Conditional Access policies, Multi-Factor Authentication (MFA), Identity Protection, and Azure AD Connect. Hybrid Identity Architecture: Design, implement, and manage robust hybrid identity solutions integrating on-premises AD with Entra ID, ensuring seamless and secure authentication and authorization across both environments. Authentication and Authorization: Deep understanding and implementation of various authentication protocols (e.g., Kerberos, LDAP, SAML, OAuth, OpenID Connect) and authorization mechanisms. Security and Compliance: Implement and enforce security policies and compliance requirements related to identity and access management. Participate in security assessments and audits. Troubleshooting and Root Cause Analysis: Lead complex troubleshooting efforts for intricate issues related to Active Directory, Entra ID, and hybrid identity. Perform thorough root cause analysis and implement effective resolutions. Automation and Scripting: Develop and maintain PowerShell scripts and other automation tools to streamline identity management tasks, improve efficiency, and ensure consistency. Directory Synchronization: Plan, implement, and manage Azure AD Connect and other directory synchronization tools, ensuring the integrity and consistency of identity data between on-premises and cloud environments. Identity Governance: Implement and manage identity governance solutions, including user lifecycle management, access reviews, and privileged access management (PAM). Integration with Applications: Integrate Entra ID with various SaaS applications and on-premises systems for single sign-on (SSO) and centralized identity management. Project Leadership: Lead and contribute to projects related to identity infrastructure upgrades, migrations, and new service deployments. Develop project plans, timelines, and documentation. Documentation and Training: Create and maintain comprehensive technical documentation, including design specifications, configuration guides, and troubleshooting procedures. Provide knowledge transfer and training to other team members. Vendor Management: Interact with Microsoft and other vendors for support and product-related inquiries. On-Call Support: Participate in an on-call rotation to provide after-hours support for critical identity-related issues. Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field (or equivalent experience). Minimum of 10-12 years of progressive experience in managing and supporting Active Directory environments. Significant experience with Entra ID (Azure AD) and hybrid identity management. Deep understanding of core Microsoft identity technologies, including Active Directory, Azure AD Connect, and related services. Strong knowledge of authentication protocols (Kerberos, LDAP, SAML, OAuth, OpenID Connect) and authorization frameworks. Proficiency in PowerShell scripting for automation of identity management tasks. Solid understanding of network fundamentals and security principles. Excellent analytical, troubleshooting, and problem-solving skills. Proven ability to lead technical projects and work independently. Excellent communication, collaboration, and interpersonal skills. Preferred Qualifications: Relevant Microsoft certifications such as Microsoft Certified: Identity and Access Administrator Associate, Microsoft 365 Certified: Enterprise Administrator Expert (with a focus on identity). Experience with other identity management platforms or tools. Experience with implementing and managing Privileged Access Management (PAM) solutions. Familiarity with identity governance and access review processes. Experience with integrating applications for SSO using SAML, OAuth, and OpenID Connect. Knowledge of Azure security services and best practices.
