Description :

Active Directory Specialist

Experience : 7 15 Years (Relevant: 6+ Years)

Location : Pune

Notice Period : 30 Days/Immediate Joiner (Preferred by Feb 20th)

Role Summary :

We are seeking a high-caliber Active Directory Specialist to manage and optimize our global identity and access management (IAM) infrastructure. In this technical leadership role, you will act as the "Identity Architect," responsible for the health, security, and scalability of our hybrid directory services.

You will lead the management of On-Prem Active Directory environments across various Windows Server versions while driving the evolution of Azure AD (Microsoft Entra ID).

The ideal candidate is a PowerShell automation expert with deep technical knowledge of PKI, ADFS, and Entra ID Connect, capable of ensuring seamless authentication and certificate lifecycle management in a complex enterprise environment.

Responsibilities :

- Hybrid Identity Orchestration: Design, implement, and support hybrid identity solutions using Microsoft Entra ID (Azure AD) and Entra ID Connect to ensure seamless synchronization between on-premises and cloud environments.

- On-Prem Directory Governance: Provide deep expertise in managing and troubleshooting legacy and modern Windows Server environments, including versions 2003 through 2019.

- Advanced PKI & Certificate Management: Lead the implementation and maintenance of Public Key Infrastructure (PKI), overseeing the full lifecycle of digital certificates to ensure secure communication across the network.

- Directory Services Management: Manage and optimize core directory components, including DNS, LDAP, and Group Policy Objects (GPO) to enforce security settings and configurations across the enterprise.

- PowerShell Automation: Develop and maintain advanced PowerShell scripts to automate routine identity tasks, bulk user management, and reporting to increase operational efficiency.

- Federation Services (ADFS): Support and manage Active Directory Federation Services (ADFS) to enable Single Sign-On (SSO) capabilities across various third-party and internal applications.

- Security & GPO Hardening: Design and audit Group Policies to enhance the organizational security posture, ensuring adherence to the principle of least privilege.

- Infrastructure Health Monitoring: Perform regular health checks, forest/domain functional level upgrades, and replication troubleshooting to ensure high availability of identity services.

- Entra ID Security: Implement and manage Entra ID security features, including Conditional Access policies, Multi-Factor Authentication (MFA), and Privileged Identity Management (PIM).

- Stakeholder Support: Collaborate with the Security and Network teams to resolve complex authentication issues and support audit requirements.

Technical Requirements :

- Active Directory Mastery: 7+ years of experience in AD management with a deep focus on DNS, GPO, and LDAP.

- Cloud Identity: 6+ years of relevant experience with Azure AD / Microsoft Entra ID and synchronization tools.

- PKI Expertise: Proven hands-on experience in managing Certificate Authorities (CA) and encryption certificates.

- Scripting: Advanced proficiency in PowerShell for infrastructure automation.

- Server Administration: Deep knowledge of Windows Server 2003, 2008, 2012, 2016, and 2019.

Preferred Skills :

- Microsoft Certification: AZ-104 (Azure Administrator) or SC-300 (Microsoft Identity and Access Administrator).

- Quest Tools: Experience with Quest Active Roles or Change Auditor is an added advantage.

- M&A Experience: Prior experience in Active Directory domain migrations or forest consolidations.

Core Competencies :

- Result Driven: A focus on maintaining 99.9% uptime for identity and authentication services.

- Problem Solving: Excellence in diagnosing complex replication, synchronization, or certificate-related failures.

- Accountability: Taking full ownership of the identity lifecycle and security configuration audits.

- Time-Sensitive Execution: Ability to meet the Feb 20th joining deadline or manage a tight 30-day notice period.