Active Directory & Microsoft Identity Management L3

Job Title: Active Directory & Microsoft Identity Management L3

Location: Ada, MI
Duration: 12 Months Competencies: Digital Cloud Computing (General)
Experience Required: 8 10 Years

Job Summary

We are seeking a highly skilled Active Directory & Microsoft Identity Management L3 Architect with deep expertise in designing, optimizing, and securing enterprise-scale identity and Windows infrastructure environments. The ideal candidate will have extensive experience in hybrid identity, AD modernization, Azure AD/Entra ID, security hardening, and automation using PowerShell.

Required Skills

• Proven experience architecting AD in large, multi-domain, multi-site enterprise environments

• Deep expertise in:

  • Domain / Forest model design

  • Group Policy (GPO) architecture & governance

  • AD security hardening & remediation

  • DNS & DHCP infrastructure

  • Azure AD / Entra ID & Hybrid Identity

  • Federation & SSO frameworks (ADFS, OAuth, SAML)

• Strong automation experience using PowerShell

• Solid understanding of TCP/IP, routing, firewalls, and load balancing

• Familiarity with Zero-Trust and modern identity security frameworks

Key Responsibilities

Active Directory Architecture & Design

• Lead the design and delivery of enterprise-scale AD architectures

• Define Domain/Forest structure, OU hierarchy, GPO frameworks, and security baselines

• Establish AD governance, naming standards, delegation models, and lifecycle processes

• Oversee AD replication, DC placement, sites & subnets

• Architect secure authentication models (Kerberos, LDAP/S, NTLM-hardening)

Identity & Access Management

• Architect IAM solutions including RBAC, least privilege, PAM, and SSO/MFA

• Lead Azure AD / Entra ID hybrid identity integrations

• Manage Azure AD Connect, Conditional Access, federation services (ADFS), and IGA components

Windows Infrastructure Architecture

• Standardize and automate Windows Server builds, baselines, and security templates

• Architect patching, lifecycle management, and configuration management frameworks

• Provide guidance on virtualization platforms (VMware / Hyper-V) as they relate to identity workloads

Security & Compliance

• Enhance identity and Windows security posture using Entra ID Protection, MFA, CA policies

• Partner with security teams to enforce Zero Trust principles

• Drive remediation of AD vulnerabilities, deprecated protocols, and misconfigurations

• Support compliance audits, identity governance reviews, and risk assessments

Automation & Optimization

• Build automation solutions using PowerShell, DSC, Intune, SCCM, and modern configuration tools

• Improve performance, reliability, and provisioning workflows

• Recommend architecture enhancements for continuous optimization

Cross-Functional Leadership

• Serve as enterprise SME for AD, Windows, and Identity Services

• Lead workshops, architecture review boards, and technical design sessions

• Collaborate with cross-functional stakeholders across Infrastructure, Security, Cloud, and IAM