CrawlJobs Logo

Active Directory Architect

nttdata.com Logo

NTT DATA

Location Icon

Location:
United States , Mahwah

Category Icon

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided

Job Description:

This position integrates enterprise identity management with application development and automation. The candidate will design and maintain hybrid identity environments, leveraging Microsoft technologies, PowerShell, and Azure services for secure and efficient operations.

Job Responsibility:

  • Administer and optimize Active Directory, Exchange, and Entra ID systems
  • Design automation workflows using PowerShell scripting
  • Develop integrations with ServiceNow and Microsoft Graph API
  • Support Azure PaaS deployments, including App Services and Function Apps
  • Manage hybrid authentication solutions using LDAP and ADFS
  • Collaborate with technical teams to deliver scalable and secure identity services

Requirements:

  • 10 years experience in Active Directory, Exchange (on-prem/online), and Entra ID
  • Ability to architect automation solutions end‑to‑end including working with directory architects to turn design concepts into working automation
  • Translating architecture into actionable implementation plans
  • Creating architecture diagrams, standards, and design documents
  • 5 years experience in .NET Framework and .NET Core/.NET 8
  • Hands‑on development with C#, .NET Core, ASP.NET, Web APIs
  • 5 years of advanced PowerShell scripting and automation experience

Nice to have:

  • Knowledge of Azure PaaS, REST, gRPC, and WCF
  • Familiarity with ServiceNow and Microsoft Graph API integration
  • Strong problem-solving and architecture design skills
  • Experience building enterprise‑grade applications
  • Deep debugging, troubleshooting, and performance‑tuning skills
  • Designing scalable, secure, and high‑availability systems
  • Experience with microservices, SOA, or modular architecture

Additional Information:

Job Posted:
February 21, 2026

Work Type:
Hybrid work
Job Link Share:

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Active Directory Architect

IAM Senior Engineer - Active Directory/Entra ID

HPE Global IT is seeking a highly skilled Senior Active Directory (AD), Entra ID...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
  • 10+ years of IT or cybersecurity experience
  • 7+ years focused on AD, Entra ID, and Azure identity engineering in enterprise-scale environments
  • Deep hands-on experience managing multi-forest AD environments (schema, replication, delegation, GPOs, DNS, DHCP)
  • Strong expertise with Entra ID and hybrid identity integration (Entra Connect / Cloud Sync, federation, SSO)
  • Hands-on experience with Azure governance, RBAC, PIM, and access policy enforcement
  • Experience implementing conditional access, passwordless, and phishing-resistant MFA in Entra and Azure
  • Proficiency in PowerShell scripting, Graph API, and Azure automation for identity management and reporting
  • Solid understanding of authentication protocols (Kerberos, NTLM, LDAP, SAML, OIDC, OAuth2)
  • Familiarity with Zero Trust, tiered admin models, and directory hardening practices
Job Responsibility
Job Responsibility
  • Engineer, deploy, and optimize Active Directory, Entra ID, and Azure identity services across enterprise-scale hybrid environments
  • Design and manage multi-forest AD architectures, including schema extensions, replication, delegation, and hardening
  • Implement and maintain cross-domain and cross-tenant synchronization between AD and Entra ID using Entra Connect or Cloud Sync
  • Engineer secure authentication and federation flows leveraging Kerberos, NTLM, SAML, OIDC, and OAuth2
  • Implement and enhance conditional access, MFA, passwordless, and FIDO2 authentication methods in Entra and Azure environments
  • Support Zero Trust Directory Security through tiered administration, least privilege, and delegated access controls
  • Partner with cloud and infrastructure teams to ensure secure integration of Azure resources with enterprise identity services
  • Maintain and secure domain controllers, DNS, DHCP, and Group Policy Objects (GPOs) across global environments
  • Manage Azure AD tenants, subscriptions, and resource access controls (RBAC, PIM, Entra roles)
  • Integrate on-prem AD with Azure workloads, Microsoft 365, Intune, and other SaaS applications
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Active Directory and Azure Engineer

Active Directory and Azure Engineer Charlotte, NC - On site Skills: Active Dir...
Location
Location
United States , Charlotte
Salary
Salary:
Not provided
enormousenterprise.com Logo
Enormous Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Serve as a subject matter expert for Directory Services (AD / AAD) under the IAM services portfolio
  • Perform in the capacity of AD / AAD Engineer
  • Understand how the service works from a business/end-user/technical perspective
  • Have command of the service, including its capabilities and proper use
  • Execute proof-of-concepts guided by the Service Manager and Director
  • Complete assigned projects/tasks in a timely manner
  • Interact with key stakeholders and project/program teams to understand their requirements and architect solutions based on best practices
  • Ensure proper oversight for quality assurance of IAM artifacts
  • Architect, own, and maintain processes, metrics, and procedures
  • Enforce adherence to architectural standards/principles
Read More
Arrow Right

Senior Active Directory Engineer

Software Resources has an immediate job opportunity for a Senior Active Director...
Location
Location
United States , Seattle
Salary
Salary:
94.00 - 97.00 USD / Hour
softwareresources.com Logo
Software Resources
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years of related work experience
  • Demonstrated experience designing, implementing, and integrating enterprise-level highly connected hybrid LDAP solutions with at least 40,000 users, including: Active Directory, Azure Active Directory, Microsoft Identity Manager, Active Directory Federation Services / AADC
  • Integrations between key services and various LDAP providers
  • Experience in engineering, designing, and integrating both infrastructure components (domain controllers, sites and services, connectivity, etc.) and logical aspects (GPO management, directory structure, and management toolsets)
  • Experience in project management of large IT initiatives
  • Experience working with and directing suppliers in an outsourced environment infrastructure
  • BA/BS Mandatory
Job Responsibility
Job Responsibility
  • AD modernization and standardization initiative, migrating on-premises Active Directory lifecycle management to a cloud-first identity model (Microsoft Entra ID/Azure AD)
  • Maintain and manage local AD on-prem devices and domain controllers, including operational support, incident response, and running reports (e.g., Power BI)
  • Collaborate with architects and senior engineers
  • contribute to process and system configuration, but not lead design efforts
  • Identify and implement automation opportunities to reduce manual tasks and ticket volume, proactively improving lifecycle management and user experience
  • Lead the assessment and analysis of the Domain controllers in the AD forest
  • Document and guide the operations team with the decommissioning, upgrade and migration of domain controllers
  • Analyze the existing use of PKI certificates in legacy directories and help migrate them into Microsoft's PKI service
  • Evaluate capabilities of services/products and design solutions to deliver future service offerings through detailed technical analysis
  • Define engineered designs, including full documentation
What we offer
What we offer
  • medical, dental, and vision coverage
  • a 401(k) with company match
  • short-term disability
  • life insurance with AD&D
  • Fulltime
Read More
Arrow Right

Senior Active Directory Engineer

Software Resources has an immediate job opportunity for a Senior Active Director...
Location
Location
United States , Orlando
Salary
Salary:
Not provided
softwareresources.com Logo
Software Resources
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years of related work experience
  • Demonstrated experience designing, implementing, and integrating enterprise-level highly connected hybrid LDAP solutions with at least 40,000 users, including: Active Directory, Azure Active Directory, Microsoft Identity Manager, Active Directory Federation Services / AADC
  • Integrations between key services and various LDAP providers
  • Experience in engineering, designing, and integrating both infrastructure components (domain controllers, sites and services, connectivity, etc.) and logical aspects (GPO management, directory structure, and management toolsets)
  • Experience in project management of large IT initiatives
  • Experience working with and directing suppliers in an outsourced environment infrastructure
  • BA/BS Mandatory
Job Responsibility
Job Responsibility
  • AD modernization and standardization initiative, migrating on-premises Active Directory lifecycle management to a cloud-first identity model (Microsoft Entra ID/Azure AD)
  • Maintain and manage local AD on-prem devices and domain controllers, including operational support, incident response, and running reports (e.g., Power BI)
  • Collaborate with architects and senior engineers
  • contribute to process and system configuration, but not lead design efforts
  • Identify and implement automation opportunities to reduce manual tasks and ticket volume, proactively improving lifecycle management and user experience
  • Lead the assessment and analysis of the Domain controllers in the AD forest
  • Document and guide the operations team with the decommissioning, upgrade and migration of domain controllers
  • Analyze the existing use of PKI certificates in legacy directories and help migrate them into Microsoft's PKI service
  • Evaluate capabilities of services/products and design solutions to deliver future service offerings through detailed technical analysis
  • Define engineered designs, including full documentation
What we offer
What we offer
  • medical, dental, and vision coverage
  • a 401(k) with company match
  • short-term disability
  • life insurance with AD&D
Read More
Arrow Right

Senior Active Directory Engineer

Software Resources has an immediate job opportunity for a Senior Active Director...
Location
Location
United States , Burbank
Salary
Salary:
94.00 - 97.00 USD / Hour
softwareresources.com Logo
Software Resources
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years of related work experience
  • Demonstrated experience designing, implementing, and integrating enterprise-level highly connected hybrid LDAP solutions with at least 40,000 users, including: Active Directory, Azure Active Directory, Microsoft Identity Manager, Active Directory Federation Services / AADC
  • Integrations between key services and various LDAP providers
  • Experience in engineering, designing, and integrating both infrastructure components (domain controllers, sites and services, connectivity, etc.) and logical aspects (GPO management, directory structure, and management toolsets)
  • Experience in project management of large IT initiatives
  • Experience working with and directing suppliers in an outsourced environment infrastructure
  • BA/BS Mandatory
Job Responsibility
Job Responsibility
  • AD modernization and standardization initiative, migrating on-premises Active Directory lifecycle management to a cloud-first identity model (Microsoft Entra ID/Azure AD)
  • Maintain and manage local AD on-prem devices and domain controllers, including operational support, incident response, and running reports (e.g., Power BI)
  • Collaborate with architects and senior engineers
  • contribute to process and system configuration, but not lead design efforts
  • Identify and implement automation opportunities to reduce manual tasks and ticket volume, proactively improving lifecycle management and user experience
  • Lead the assessment and analysis of the Domain controllers in the AD forest
  • Document and guide the operations team with the decommissioning, upgrade and migration of domain controllers
  • Analyze the existing use of PKI certificates in legacy directories and help migrate them into Microsoft's PKI service
  • Evaluate capabilities of services/products and design solutions to deliver future service offerings through detailed technical analysis
  • Define engineered designs, including full documentation
What we offer
What we offer
  • medical, dental, and vision coverage
  • a 401(k) with company match
  • short-term disability
  • life insurance with AD&D
  • Fulltime
Read More
Arrow Right

Systems Administrator IV

Location
Location
United States , Huntsville, Alabama
Salary
Salary:
Not provided
arcfield.com Logo
Arcfield
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS with 8-10, MS 6-8, PhD 3-5
  • Must possess and maintain an Active DoD Secret clearance
  • Expert-level experience administering Active Directory, including Domain Controllers, DNS, Group Policy, trusts, and recovery operations
  • Strong hands-on experience with Windows Server 2019/2022 and Windows 11 in domain-joined environments
  • Proven experience operating VMware vSphere and ESXi in production environments
  • Strong understanding of system hardening, STIG implementation, and vulnerability remediation
  • Experience supporting RMF and ATO processes and interacting with auditors and assessors
  • Ability to troubleshoot complex, multi-layered system issues in restricted or air-gapped environments
  • Active IAT Level II certification (Security +, etc.)
Job Responsibility
Job Responsibility
  • Lead installation, configuration, hardening, and sustainment of on-prem Windows systems, including Windows Server 2019/2022 and Windows 11, across multiple enclaves and classification levels in compliance with DISA STIGs and NIST 800-53
  • Architect, administer, and sustain Active Directory Domain Services, including domain and forest design, Domain Controller deployment and lifecycle management, replication, FSMO role management, backup and recovery, DNS, DHCP, time services, trust relationships, and cross-domain integration
  • Architect, implement, and sustain Group Policy architecture and lifecycle management, including GPO design, testing, deployment, troubleshooting, enforcement of security baselines, workstation hardening, and user, computer, and OU design aligned with least-privilege principles
  • Architect, operate, and sustain VMware vSphere and ESXi environments, including host lifecycle management, virtual networking, storage integration using NFS and/or vSAN, performance tuning, and fault recovery
  • Plan, integrate, and validate new systems and technologies in coordination with network, cybersecurity, and engineering teams while maintaining operational stability
  • Perform advanced system troubleshooting across operating systems, identity services, virtualization, and authentication layers in restricted or air-gapped environments
  • Execute vulnerability management activities, including Nessus and SCAP scanning, analysis of findings, remediation, and validation of compliance
  • Serve as the technical subject matter expert for Windows and VMware platforms only during RMF and ATO activities, assessments, inspections, and audits by providing technical responses and evidence artifacts within the systems under their responsibility
  • Develop, maintain, and enforce system documentation, security baselines, architecture diagrams, SOPs, and recovery procedures
  • Design, implement, and maintain backup, restore, disaster recovery, and continuity of operations strategies for enterprise systems and directory services
  • Fulltime
Read More
Arrow Right

Principal IAM Engineer

The IAM Principal Engineer is responsible for driving the development, maintenan...
Location
Location
United States , Mount Laurel
Salary
Salary:
142361.11 - 213541.67 USD / Year
comcastcorporation.com Logo
Comcast
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Over 10 years of experience implementing SailPoint IdentityIQ
  • More than 5 years of experience designing, architecting, implementing, operating, and maintaining Radiant Logic Virtual Directory Service (VDS), including Federated Identity Management (FIM) and Identity Correlation and Synchronization (ICS)
  • Skilled in integrating data sources and applications into VDS, configuring data access views and permissions, and performing identity correlation and synchronization
  • Strong knowledge of LDAP, Active Directory services, Multi-Factor Authentication (MFA), risk-based authentication, and privileged access management
  • Deep understanding of Identity and Access Management (IAM) across authentication, authorization, endpoint security, network security, and policy engines
  • Technical expertise with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping Identity, Active Directory, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and cross-domain IDM integrations
  • Solid grasp of cloud identity concepts and hands-on experience with Azure AD and other cloud environments
  • 3–5+ years of experience developing workflows, forms, connector configurations, provisioning policies, and rules within SailPoint IdentityIQ
  • Quick learner with the ability to adopt new technologies and collaborate effectively to capture and implement business system requirements
  • Proficient in source control and development tools such as GitHub and Eclipse
Job Responsibility
Job Responsibility
  • Apply your expertise in SailPoint IdentityIQ and Radiant One FID / Global Sync to enhance and expand the capabilities of the enterprise IAM platform
  • Collaborate with Agile teams to design, build, test, and support scalable IAM solutions that meet foundational enterprise needs, including identity federation, directory virtualization, and multi-source synchronization
  • Contribute innovative and efficient configuration and coding solutions in SailPoint IdentityIQ and Radiant One FID environments that differentiate the IAM platform
  • Engineer cost-effective technical solutions leveraging Radiant One FID and Global Sync to address business challenges and streamline identity and access processes
  • Develop both tactical and strategic IAM solutions aligned with evolving business requirements, including federated identity management and synchronized directory services
  • Partner with key stakeholders to gather and validate requirements, ensuring delivered solutions meet expectations across SailPoint IdentityIQ and Radiant One FID systems
  • Participate in project teams to design new system capabilities, including proof-of-concept (POC) implementations for both Radiant One FID and SailPoint IdentityIQ, and presentations that highlight their functionality
  • Deploy and manage Radiant One FID in Kubernetes environments using Helm charts, ensuring scalable, reproducible, and reliable containerized deployments
  • Support the end-to-end testing lifecycle for system changes, including integrations with Radiant One FID / Global Sync, from design through execution
  • Create proactive capacity forecasts to prevent outages and ensure system reliability for SailPoint IdentityIQ and Radiant One FID services
What we offer
What we offer
  • Paid Time off
  • Physical Wellbeing benefits
  • Financial Wellbeing benefits
  • Emotional Wellbeing benefits
  • Life Events + Family Support benefits
  • Fulltime
Read More
Arrow Right
New

Senior Identity Security Engineer

We are seeking a Senior Identity Security Engineer to design, implement and enha...
Location
Location
United Kingdom , Glasgow or Reading, Berkshire
Salary
Salary:
Not provided
fsp.co Logo
FSP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong engineering background with deep expertise across Active Directory, Entra ID and PKI/ADCS in large, complex environments
  • Pragmatic, methodical problem‑solver able to diagnose and resolve identity issues end‑to‑end in hybrid platforms
  • Effective communicator and collaborator, working across architecture, engineering and operations teams
  • Trusted by clients and colleagues
  • delivers practical, secure solutions that reduce real‑world risk
  • Broad experience across Active Directory, PKI, hybrid identity and modern authentication, including tiering, automation and identity hygiene
  • Skilled in identity migrations and legacy exits, covering AD consolidation, ADFS/MIM retirement and modernisation
  • Strong automation capability with PowerShell, CI/CD, monitoring and IaC to improve reliability and consistency
Job Responsibility
Job Responsibility
  • Design and architect modern Microsoft identity platforms, including new Active Directory and Entra ID environments, design patterns, standards and long‑term roadmaps for secure, scalable foundations
  • Integrate third‑party identity services, including platforms such as Okta, Ping, Duo, Auth0 and Yubico
  • Assess and improve existing identity environments by identifying risks, technical debt, reliability issues and leading the engineering work to implement practical, measurable improvements
  • Engineer PKI and certificate lifecycle services at scale, including PKI/ADCS design and operation, certificate automation, cloud integrations and modern machine‑identity use cases
  • Plan and lead safe migrations and legacy exits, including decommissioning legacy AD forests, MIM, ADFS and outdated identity components
  • Drive adoption of passwordless and modern authentication, implementing solutions such as Windows Hello, passkeys, FIDO2 and supporting clients through change and adoption
  • Evolve organisations toward cloud‑first identity models, implementing hybrid identity strategies, modern authentication, attribute mastering and secure workload/device identity patterns
  • Automate identity and certificate operations using automation, DevSecOps practices and infrastructure‑as‑code to deliver secure, consistent and maintainable identity services
  • Advising clients on IAM best practices, standards and regulatory requirements, including GDPR, ISO 27001, NIST Frameworks
What we offer
What we offer
  • A collaborative and supportive environment in which you can grow and develop your career
  • The tools and opportunity to do work you can be proud of
  • A chance to work alongside some of the best people in the industry, who always seek to share their knowledge and experience
  • Hybrid working – we empower you to make smart choices about when and where to work to achieve great results
  • Industry leading coaching and mentoring
  • Competitive salary and an excellent benefits package
  • Fulltime
Read More
Arrow Right