Active Directory and Entra ID Engineer

We are seeking an experienced Active Directory (AD) and Entra ID engineer to supplement an existing team. The candidate must have a strong background in designing, building, and maintaining complex, large scale and global identity directory services environments.
This is a 5-month remote opportunity.

• Conduct high-level project design and create project charters.
• Review global directory services disaster recovery plans for gaps and define next steps.
• Engineer, deploy, operationalize, maintain, and support tools associated with AD & Entra ID.
• Contribute to the engineering and support of AD & Entra ID as needed.
• Communicate service enhancements and operational efficiency directions, features and roadmaps aligned to the roadmap.
• Providing technical leadership to others with less knowledge or experience.
• Liaise with, train, and support operational teams.
• Assist in technology evaluations and guiding proof of concepts.
• Participate in solution design discussions. Architect and assist in engineering global AD domain consolidation project(s).

• Senior and experienced AD and Entra ID Engineer (5-7 years) with Large, Global Enterprise Experience.
• 5+ years’ experience in directory services engineering.
• Good understanding of AD / Entra ID Security.
• AD Support: Extensive experience in supporting and troubleshooting on-prem Active Directory services (Authentication, DFS, GPO, LDAP).
• AD Security: Good understanding of AD security, vulnerabilities, and common safeguards.
• Tier-0 Security: Specific understanding of Tier-0 and identifying its security boundaries.
• Domain Consolidation: Experience or enhanced understanding of consolidating a large enterprise AD forest.
• Cloud Interface: Familiar working with the AWS EC2 and Azure environments to build and support services.
• Disaster Recovery: Enhanced understanding of recovering Active Directory in a DR situation.
• Tool Development: Experience performing POC testing and driving deployment of AD service-related tools.
• Customer Focus: Ability to work with application owners to troubleshoot AD service and integration issues.
• Documentation: Ability to author, review, and edit technical documents at an Engineering and Operational level.
• Presentation and Training: Ability to conduct knowledge transfer sessions to Engineering and Operations.
• Making Recommendations: Seek and recommend improvements on existing AD architecture, provide recommendations to improve IT systems.
• Experience with assisting in creating of Identity and Access Management (IAM) roadmaps for global directory services.
• Understanding of modern authentication (OIDC, SAML, Kerberos, etc.).
• Understanding of Role-Based Access Control (RBAC), Policy-Based Access Control (PBAC) and Attribute-Based Access Control (ABAC).
• Experience with privileged access management for administering directory services.
• Experience developing solution and system architecture.
• Understanding of use of machine learning (and exposure to AI) for technology evaluations and enhancement.

• Excellent interpersonal communication skills with strong spoken and written English.
• Collaborative team worker – both in person and virtually using MS Teams or similar.
• Excellent analytical skills.
• Organizational skills with attention to detail.
• Ability to leverage existing documentation.
• Excellent documentation skills; demonstrated proficiency in Microsoft Office including Word, Excel and PowerPoint.
• Business outcomes mindset.
• Solid balance of strategic thinking with detail orientation.
• Self-starter, ability to take initiative.
• Flexibility to accommodate working across different time-zones.

Bachelor's degree (BA/BS) in Computer Science from four-year college or university; or equivalent training, education, and work experience.