L3 Engineer - Active Directory & Entra ID Services

Job Summary

Seeking an experienced Active Directory and Entra ID Engineer – L3 to design, manage, and support enterprise identity infrastructure. The ideal candidate will have deep expertise in Active Directory (on-premises), Entra ID (Azure AD), and related identity management technologies. This role involves complex troubleshooting, architecture design, migrations, automation, and advanced support for hybrid identity environments.

Key Responsibilities

Active Directory Administration

• Administer, manage, and support Domain Controllers across multiple domains and forests.
• Perform promotion and demotion of domain controllers as required.
• Manage forest-level administration, domain and forest trusts, and functional levels.
• Configure and maintain Active Directory Sites and Services for optimized replication and authentication.
• Design, implement, and manage Group Policies (GPOs) across enterprise environments.
• Perform regular AD health checks, database maintenance, and replication remediations.
• Manage SYSVOL, Global Catalog servers, FSMO roles, and Windows Time Services.
• Implement and maintain AD backup and recovery strategies.
• Build, configure, and troubleshoot Windows domain controllers (physical and virtual).
• Ensure vulnerability management and patch compliance for AD infrastructure.
• Install and configure support tools and monitoring agents on domain controllers.
• Manage Certificate Services and provide advanced support for PKI environments.
• Administer user, group, and service accounts in Active Directory.
• Manage roaming profiles, folder redirection, and cloud storage access controls (Azure storage accounts).

Hybrid Identity & Entra ID (Azure AD)

• Build, configure, and manage Entra Connect / Entra Sync servers.
• Manage synchronization rules, processes, and resolve sync errors between AD and Entra ID.
• Administer Azure roles, Administrative Units, and RBAC in Entra ID.
• Manage Entra ID Application Registrations (OIDC and SAML-based).
• Design and configure Conditional Access Policies for secure access management.
• Manage custom domains, service principals, privileged accounts, and dynamic groups in Entra ID.
• Provide advanced support for Privileged Identity Management (PIM).
• Collaborate with IAM teams to integrate OKTA or other IAM tools where applicable.

Automation, Documentation & Collaboration

• Develop PowerShell scripts to automate AD, Entra ID, and user management tasks.
• Create and maintain architectural diagrams, technical documentation, and SOPs.
• Coordinate with end users and cross-functional support teams for incident resolution and project delivery.
• Contribute to process improvements, automation, and standardization efforts.
• Prepare Root cause analysis and related documentations for incidents and problem management.
• Work independently as an individual contributor while providing technical solutions to stakeholders and customers.

Required Skills

• 8–10 years of hands-on experience in Active Directory and Entra ID administration.
• Strong understanding of Windows Server platforms, DNS, DHCP, PKI, and networking fundamentals.
• Experience with PowerShell scripting for automation and reporting.
• Exposure to IAM tools like OKTA, Ping Identity, or similar platforms is desirable.
• Excellent communication, documentation, and interpersonal skills.
• Strong analytical and troubleshooting abilities with a focus on root cause analysis and permanent remediation.

Preferred Certifications (Optional)

• Microsoft Certified: Identity and Access Administrator (SC-300)
• Microsoft Certified: Windows Server Hybrid Administrator Associate
• Microsoft Certified: Azure Administrator Associate (AZ-104)
• ITIL Foundation Certification

Job Summary

Seeking an experienced Active Directory and Entra ID Engineer – L3 to design, manage, and support enterprise identity infrastructure. The ideal candidate will have deep expertise in Active Directory (on-premises), Entra ID (Azure AD), and related identity management technologies. This role involves complex troubleshooting, architecture design, migrations, automation, and advanced support for hybrid identity environments.

Key Responsibilities

Active Directory Administration

• Administer, manage, and support Domain Controllers across multiple domains and forests.
• Perform promotion and demotion of domain controllers as required.
• Manage forest-level administration, domain and forest trusts, and functional levels.
• Configure and maintain Active Directory Sites and Services for optimized replication and authentication.
• Design, implement, and manage Group Policies (GPOs) across enterprise environments.
• Perform regular AD health checks, database maintenance, and replication remediations.
• Manage SYSVOL, Global Catalog servers, FSMO roles, and Windows Time Services.
• Implement and maintain AD backup and recovery strategies.
• Build, configure, and troubleshoot Windows domain controllers (physical and virtual).
• Ensure vulnerability management and patch compliance for AD infrastructure.
• Install and configure support tools and monitoring agents on domain controllers.
• Manage Certificate Services and provide advanced support for PKI environments.
• Administer user, group, and service accounts in Active Directory.
• Manage roaming profiles, folder redirection, and cloud storage access controls (Azure storage accounts).

Hybrid Identity & Entra ID (Azure AD)

• Build, configure, and manage Entra Connect / Entra Sync servers.
• Manage synchronization rules, processes, and resolve sync errors between AD and Entra ID.
• Administer Azure roles, Administrative Units, and RBAC in Entra ID.
• Manage Entra ID Application Registrations (OIDC and SAML-based).
• Design and configure Conditional Access Policies for secure access management.
• Manage custom domains, service principals, privileged accounts, and dynamic groups in Entra ID.
• Provide advanced support for Privileged Identity Management (PIM).
• Collaborate with IAM teams to integrate OKTA or other IAM tools where applicable.

Automation, Documentation & Collaboration

• Develop PowerShell scripts to automate AD, Entra ID, and user management tasks.
• Create and maintain architectural diagrams, technical documentation, and SOPs.
• Coordinate with end users and cross-functional support teams for incident resolution and project delivery.
• Contribute to process improvements, automation, and standardization efforts.
• Prepare Root cause analysis and related documentations for incidents and problem management.
• Work independently as an individual contributor while providing technical solutions to stakeholders and customers.

Required Skills

• 8–10 years of hands-on experience in Active Directory and Entra ID administration.
• Strong understanding of Windows Server platforms, DNS, DHCP, PKI, and networking fundamentals.
• Experience with PowerShell scripting for automation and reporting.
• Exposure to IAM tools like OKTA, Ping Identity, or similar platforms is desirable.
• Excellent communication, documentation, and interpersonal skills.
• Strong analytical and troubleshooting abilities with a focus on root cause analysis and permanent remediation.

Preferred Certifications (Optional)

• Microsoft Certified: Identity and Access Administrator (SC-300)
• Microsoft Certified: Windows Server Hybrid Administrator Associate
• Microsoft Certified: Azure Administrator Associate (AZ-104)
• ITIL Foundation Certification