Senior Engineer - Active Directory Infrastructure

Posted 7 Hours Ago
Be an Early Applicant
Hiring Remotely in Sri Lanka
Remote
Senior level
Food • Logistics
The Role
Join a 5-member Active Directory Infrastructure team to manage global hybrid AD/Entra ID environments. Responsibilities include directory administration, authentication support (Kerberos/NTLM/LDAP), Windows Server Core DC management, GPO and DNS/DHCP troubleshooting, PowerShell automation, PKI/AD CS support, hybrid identity sync (AAD Connect), cross-platform auth for Linux, and leading multi-domain AD migrations while maintaining runbooks and on-call shift participation.
Summary Generated by Built In
JOB DESCRIPTION

Senior Engineer – Active Directory  

 

The Big Picture   

    

Sysco LABS is the Global In-House Center of Sysco Corporation (NYSE: SYY), the world’s largest foodservice company. Sysco ranks 56th in the Fortune 500 list and is the global leader in the trillion-dollar foodservice industry.      

  

Sysco employs over 75,000 associates, has 337 smart distribution facilities worldwide and over 14,000 IoT-enabled trucks serving 730,000 customer locations. For fiscal year 2025 that ended June 29, 2025, the company generated sales of more than $81.4 billion.      

  

Sysco LABS Sri Lanka delivers the technology that powers Sysco’s end-to-end operations.      

  

Sysco LABS’ enterprise technology is present in the end-to-end foodservice journey, enabling the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network and the in-restaurant dining experience of the end-customer.  

 

Location: Sri Lanka 
Employment Type: Full-Time 

Title : Senior Engineer - Active Directory Infrastructure 
Experience Level: 3 - 6 years 

 

About the Role 

Join our newly established Active Directory Infrastructure Team. You'll be part of a 5-member team dedicated to managing and supporting our enterprise identity and directory services across multiple global domains. You will play a crucial role in ensuring secure and seamless authentication for our global workforce. 

Note: This role provides 16 hours of daily support (8 hours on-desk, 5 days a week, and 8 hours on-call on a rotational roster). 

Our Identity Environment: 

  • Hybrid Directory Services: Global On-Premises Active Directory forests integrated with Microsoft Entra ID (formerly Azure AD). 

  • Authentication & Access: Kerberos, NTLM, LDAP/S, SAML, and Oauth integrations across Windows, Linux, and multi-cloud platforms (Azure, AWS, GCP). 

  • Endpoint Integration: Windows and Linux endpoints (workstations, laptops, mobile) domain-joined or hybrid-joined globally. 

  • Collaborative Support Model: Working closely as the Identity Subject Matter Experts (SME) alongside local IT and Field Support teams worldwide. 

What You'll Do 

  • Directory Administration: Manage Active Directory objects (Users, Computers, Groups, Service Accounts) and Organizational Units (OUs) following best practices. 

  • Authentication Support: Troubleshoot complex authentication and domain-join issues for endpoints (Windows/Linux) and applications utilizing Kerberos, NTLM, and LDAP. 

  • Server Core Administration: Support and troubleshoot Domain Controllers deployed on Windows Server Core, utilizing Remote Server Administration Tools (RSAT), Windows Admin Center, and command-line interfaces for daily maintenance. 

  • Group Policy Management:Assist in the creation, deployment, and troubleshooting of Group Policy Objects (GPOs) to enforce security baselines and configure endpoints. 

  • AD Health & Monitoring: Monitor AD replication, Domain Controller health, and Directory Services event logs (using tools like dcdiag and repadmin). 

  • Directory Automation & Reporting:Utilize PowerShell scripting to automate routine identity tasks, execute bulk object updates (users, groups, computers), and generate directory audit reports. 

  • Hybrid Identity Operations: Support Entra ID (Azure AD) sync operations (AAD Connect) and troubleshoot hybrid-join device scenarios. 

  • Cross-Platform Auth: Assist with Linux domain integration (SSSD, Realmd) and authentication troubleshooting for cross-platform endpoints. 

  • PKI & Certificate Management: Support Active Directory Certificate Services (AD CS) operations, including processing Certificate Signing Requests (CSRs), managing certificate templates, and troubleshooting client auto-enrollment issues for endpoints and servers. 

  • DNS & DHCP: Manage and troubleshoot DNS records and zones, as they relate to domain health and client connectivity. 

  • Migrations:Lead multi-domain and multi-forest Active Directory migration planning, execution, troubleshooting, identity integration, trust management, and post-migration support. 

  • Documentation:Maintain runbooks, standard operating procedures (SOPs), and knowledge base articles for AD support and administration. 

What We're Looking For 

Required: 

  • Bachelor's degree in Computer Science, IT, or related field (or equivalent experience). 

  • Solid foundational understanding of Active Directory architecture (Domains, Forests, OUs, Sites and Services, Domian Migrations). 

  • Experience with Active Directory Users and Computers (ADUC), DNS, and Group Policy Management Console (GPMC). 

  • Familiarity with navigating and managing GUI-less environments (Windows Server Core) using command-line tools and PowerShell. 

  • Foundational understanding of Public Key Infrastructure (PKI) concepts, including Certificate Authorities (CAs), digital certificates, and encryption basics. 

  • Understanding of core authentication protocols (Kerberos, LDAP, NTLM). 

  • Intermediate experience using PowerShell (specifically the Active Directory module) to query directory objects, parse event logs, and execute administrative commands. 

  • Strong logical troubleshooting skills with a focus on identity, permissions, and access rights. 

  • Excellent communication skills for collaborating with global remote teams and guiding Field Support. 

  • Willingness to work in rotational shifts/on-call. 

Preferred: 

  • Familiarity with Microsoft Entra ID (Azure AD), AD Connect, and Hybrid Azure AD join scenarios. 

  • Knowledge of enterprise identity integration with cloud platforms (AWS Directory Service, GCP Cloud Identity, SSO). 

  • Relevant Microsoft certifications (e.g., SC-300: Identity and Access Administrator, AZ-800, or foundational MS-900/SC-900). 

  • Familiarity with Privileged Access Management (PAM) or Just-in-Time (JIT) access concepts. 

  • Experience with IT service management (ITSM) tools like ServiceNow. 

  • ITIL Foundation certification. 

 

Benefits  

  • Performance-based annual bonus   

  • Performance rewards and recognition   

  • Agile Benefits - special allowances for Health, Wellness & Academic purposes   

  • Paid birthday leave Team engagement allowance   

  • Comprehensive Health & Life Insurance Cover - extendable to parents and in-laws   

  • Hybrid work arrangement   

   

   

Sysco LABS is an Equal Opportunity Employer. 

 

 

Skills Required

  • 3-6 years of relevant experience
  • Bachelor's degree in Computer Science, IT, or related field (or equivalent experience)
  • Solid understanding of Active Directory architecture (Domains, Forests, OUs, Sites and Services, Domain migrations)
  • Experience with Active Directory Users and Computers (ADUC), DNS, and Group Policy Management Console (GPMC)
  • Experience administering Domain Controllers on Windows Server Core using command-line tools, RSAT, and Windows Admin Center
  • Intermediate PowerShell skills, specifically using the Active Directory module for automation and bulk updates
  • Foundational understanding of PKI concepts and Active Directory Certificate Services (AD CS) operations
  • Understanding of core authentication protocols (Kerberos, LDAP, NTLM)
  • Experience troubleshooting hybrid identity scenarios, AAD Connect, and domain-join issues (Windows/Linux)
  • Strong logical troubleshooting skills focused on identity, permissions, and access rights
  • Excellent communication skills for collaboration with global remote teams and field support
  • Willingness to work rotational shifts and be on-call
  • Familiarity with Microsoft Entra ID (Azure AD), AD Connect, and Hybrid Azure AD join scenarios
  • Knowledge of enterprise identity integration with cloud platforms (AWS Directory Service, GCP Cloud Identity, SSO)
  • Relevant Microsoft certifications (SC-300, AZ-800, MS-900, SC-900)
  • Familiarity with Privileged Access Management (PAM) or Just-in-Time (JIT) access concepts
  • Experience with ITSM tools like ServiceNow
  • ITIL Foundation certification

Sysco Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Sysco and has not been reviewed or approved by Sysco.

  • Healthcare Strength Multiple national medical plan options with telehealth, behavioral health resources, and targeted programs indicate broad coverage and support. Preventive care access and ancillary offerings (dental, vision, Rx advocacy) further reinforce the package.
  • Retirement Support A 401(k) with automatic company contributions plus a match, alongside an employee stock purchase plan, underscores solid retirement support. At union locations, enhanced pension terms add to perceived long‑term value.
  • Pay Growth & Progression Recent collective bargaining outcomes with substantial wage increases demonstrate meaningful pay progression where contracts apply. In high‑volume markets, incentive structures can amplify earnings beyond base rates.

Sysco Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Houston, TX
24,120 Employees

What We Do

Sysco is the global leader in selling, marketing and distributing food and related products to customers who prepare meals away from home. This includes restaurants, healthcare and educational facilities, lodging establishments, entertainment venues, and more. Sysco operates almost 340 distribution centers, in over 10 countries, with 76,000 colleagues serving approximately 730,000 customer locations. The company generated sales of more than $81 billion in fiscal year 2025 that ended June 28, 2025. As the world’s largest food-away-from-home distributor, Sysco offers customized supply chain solutions, bespoke specialty product offerings, and culinary support to drive customers to innovate and optimize their operations. We act as a trusted business partner to our customers, helping them grow through our industry-leading portfolio that includes fresh produce, premium proteins, specialty products, sustainably focused items, equipment and supplies, and innovative culinary solutions. For more information, visit www.sysco.com. For important news and key information for Sysco investors, visit the Investor Relations section of the company’s website at investors.sysco.com.

Similar Jobs

MAS Holdings Logo MAS Holdings

Intern - Lean Enterprise

eCommerce • Fashion • Retail
In-Office or Remote
2 Locations
15595 Employees

MAS Holdings Logo MAS Holdings

Intern - Digital Excellence

eCommerce • Fashion • Retail
In-Office or Remote
2 Locations
15595 Employees

MAS Holdings Logo MAS Holdings

Intern - Digital Excellence

eCommerce • Fashion • Retail
In-Office or Remote
2 Locations
15595 Employees
Remote
Sri Lanka
24120 Employees

Similar Companies Hiring

HERE Technologies Thumbnail
Artificial Intelligence • Automotive • Computer Vision • Information Technology • Internet of Things • Logistics • Software
Amsterdam, NL
6000 Employees
Axle Health Thumbnail
Artificial Intelligence • Healthtech • Information Technology • Logistics
Santa Monica, CA
22 Employees
Amalgamated Sugar Thumbnail
Food • Greentech • Agriculture • Industrial • Manufacturing
Boise, Idaho
768 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account