CrawlJobs Logo

Senior Active Directory / Kerberos Engineer

https://www.roberthalf.com Logo

Robert Half

Location Icon

Location:
United States , Charlotte

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are proactively building a network of Senior Active Directory / Kerberos Engineers for upcoming consulting and full-time opportunities with enterprise and growing organizations. These roles focus on stabilizing and modernizing identity infrastructure across complex environments, including on-premises Active Directory and cloud-connected systems. The Senior Active Directory Engineer will be responsible for maintaining a secure, reliable, and high-performing directory services environment. This role works closely with infrastructure and security teams to support day-to-day operations while also leading remediation efforts, migrations, and long-term identity initiatives.

Job Responsibility:

  • Assess and support Active Directory health, including replication, domain controllers, and overall environment stability
  • Troubleshoot and resolve Kerberos authentication issues, including those impacting system access and patching workflows
  • Support and guide Windows Server patching, including security updates and identity-related changes
  • Assist with domain controller migrations and decommissioning, ensuring continuity and minimal disruption
  • Contribute to file server migrations, including data transfer, permission validation, and cutover activities
  • Perform environment cleanup and optimization to support future cloud and identity initiatives
  • Document processes, findings, and recommendations for ongoing support and improvements

Requirements:

  • 7+ years of experience in Active Directory engineering or senior systems administration roles
  • Strong understanding of Kerberos authentication, including encryption types and common failure scenarios
  • Experience supporting Windows Server environments, including patching and security updates
  • Familiarity with domain controller operations, replication, and AD health tools
  • Hands-on experience with file server migrations and permission management
  • Strong PowerShell scripting and troubleshooting skills
  • Ability to work in complex, enterprise environments

Nice to have:

  • Experience with Kerberos hardening or authentication-related security updates
  • Exposure to certificate-based authentication (PKINIT)
  • Familiarity with M365 and Azure AD / Entra ID environments
  • Experience supporting identity modernization or hybrid environments
What we offer:
  • medical
  • vision
  • dental
  • life and disability insurance
  • company 401(k) plan

Additional Information:

Job Posted:
April 16, 2026

Employment Type:
Fulltime
Icon
Robert Half - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Active Directory / Kerberos Engineer

IAM Senior Engineer - Active Directory/Entra ID

HPE Global IT is seeking a highly skilled Senior Active Directory (AD), Entra ID...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
  • 10+ years of IT or cybersecurity experience
  • 7+ years focused on AD, Entra ID, and Azure identity engineering in enterprise-scale environments
  • Deep hands-on experience managing multi-forest AD environments (schema, replication, delegation, GPOs, DNS, DHCP)
  • Strong expertise with Entra ID and hybrid identity integration (Entra Connect / Cloud Sync, federation, SSO)
  • Hands-on experience with Azure governance, RBAC, PIM, and access policy enforcement
  • Experience implementing conditional access, passwordless, and phishing-resistant MFA in Entra and Azure
  • Proficiency in PowerShell scripting, Graph API, and Azure automation for identity management and reporting
  • Solid understanding of authentication protocols (Kerberos, NTLM, LDAP, SAML, OIDC, OAuth2)
  • Familiarity with Zero Trust, tiered admin models, and directory hardening practices
Job Responsibility
Job Responsibility
  • Engineer, deploy, and optimize Active Directory, Entra ID, and Azure identity services across enterprise-scale hybrid environments
  • Design and manage multi-forest AD architectures, including schema extensions, replication, delegation, and hardening
  • Implement and maintain cross-domain and cross-tenant synchronization between AD and Entra ID using Entra Connect or Cloud Sync
  • Engineer secure authentication and federation flows leveraging Kerberos, NTLM, SAML, OIDC, and OAuth2
  • Implement and enhance conditional access, MFA, passwordless, and FIDO2 authentication methods in Entra and Azure environments
  • Support Zero Trust Directory Security through tiered administration, least privilege, and delegated access controls
  • Partner with cloud and infrastructure teams to ensure secure integration of Azure resources with enterprise identity services
  • Maintain and secure domain controllers, DNS, DHCP, and Group Policy Objects (GPOs) across global environments
  • Manage Azure AD tenants, subscriptions, and resource access controls (RBAC, PIM, Entra roles)
  • Integrate on-prem AD with Azure workloads, Microsoft 365, Intune, and other SaaS applications
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Senior Engineer – (Systems Engineering, Enterprise Infra & Platform Support)

The Senior Infrastructure & Platform Support Engineer provides end-to-end techni...
Location
Location
United States , Chevy Chase
Salary
Salary:
80000.00 - 215000.00 USD / Year
geico.com Logo
Geico
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience leading engineering efforts or owning internal, enterprise-scale platforms and working directly with enterprise customers
  • Familiarity with enterprise application lifecycle (selection, deployment, user adoption, decommission, integration layers)
  • Strong background in enterprise infrastructure supporting Windows and Linux systems, including builds, configuration, hardening, and troubleshooting
  • Advanced skills with Windows Server, Active Directory, authentication protocols (Kerberos / LDAP / SAML / OAuth), and Azure AD/identity integrations
  • Solid Linux administration experience (Ubuntu, RHEL, or equivalent), with certifications preferred
  • Proficiency in automation and scripting (PowerShell, Bash, Python)
  • Strong understanding of networking fundamentals: TCP/IP, DNS, DHCP, routing, VPNs, firewalls, load balancers, VLANs, and secure connectivity
  • Hands-on experience with cloud platforms (Azure/AWS), hybrid environments, virtualization (vSphere/Hyper-V), and containers (Docker, Kubernetes)
  • Knowledge of monitoring and observability tools, such as Prometheus, Grafana, or equivalent solutions
  • Familiarity with database concepts, performance tuning, and integration of MySQL/PostgreSQL/SQL Server/Oracle with enterprise systems
Job Responsibility
Job Responsibility
  • Provide technical leadership to ensure strong engineering standards and operational excellence
  • Support, configure, and maintain both Linux and Windows server platforms, including application servers, integration components, and system services
  • Design and implement infrastructure solutions for workplace technologies including but not limited to digital mailroom, physical security & safety, and real estate facility management technology platforms—covering on-prem systems, hybrid setups, and SaaS applications
  • Build production-ready configurations emphasizing reliability, maintainability, scalability, and testability
  • Lead incident response, troubleshooting, root-cause analysis, and drive ongoing performance optimization
  • Execute DevOps activities including CI/CD pipeline management, automation scripting, monitoring setup, and Infrastructure as Code
  • Ensure platform observability through logging, alerting, dashboards, and automated health checks
  • Apply secure design practices, compliance controls, network segmentation, encryption, and access management
  • Manage platform lifecycle activities such as patching, upgrades, capacity planning, backups, disaster recovery and identifying opportunities for automation and standardization
  • Collaborate with cross-functional teams, vendors, and senior engineers, communicating clearly with technical and non-technical stakeholders
What we offer
What we offer
  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation
  • a 401K savings plan vested from day one that offers a 6% match
  • performance and recognition-based incentives
  • and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year
  • Fulltime
Read More
Arrow Right

Technical Support Engineering - Entra ID Authentication

With more than 45,000 employees and partners worldwide, the Customer Experience ...
Location
Location
Costa Rica , San José
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science, Information Technology (IT), or related field AND 1+ years of technical support, technical consulting experience, or information technology experience OR 3+ years of technical support, technical consulting experience, or information technology experience OR equivalent experience
  • 3+ years of technical background, enterprise experience, and knowledge in one or more of the following technologies: Authentication and Authorization Management, Enterprise level protocols (Kerberos, PKI, Oauth, SAML, WS-Fed, etc), Identity Management, Federation, Security Management, MFA
  • 3+ years of experience in troubleshooting or technical support in Azure Active Directory, Identity Synchronization Technologies (Dirsync, AAD Connect, FIM…etc), Active Directory Federation Services (ADFS) – or similar 3rd party experience (Shibboleth, CA SiteMinder, Okta, PING etc), Identity and Access Management, Office 365 Identity Management, Cloud Domain Management, Cloud User Management and configuration
  • Ability to work on rotational shifts, weekends or late shifts as needed
  • English Language: fluent in reading, writing and speaking
  • Ability to meet Microsoft, customer and / or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Reviews complex issues (e.g., multiple components of a product) and contacts customers to understand issue. Ensures customers stay informed as to the status/solution of their issue. Utilizes troubleshooting tools (e.g., event logs, performance traces) to help resolve customer issues
  • Resolves customer issues through problem solving, collaboration, and research. May take escalated issues as needed. Documents technical work and research
  • Performs in-depth product troubleshooting and remediation when needed
  • Collaborates on cross-team and cross-product technical issues by working with resources from other groups as needed to resolve moderately complex customer issues
  • Assists in the implementation of end-to-end readiness programs (e.g., mentoring, knowledge sharing or technical document creation, brown bag sessions, blogs, quality assurance checks). Develops readiness content. Mentors new Technical Support Engineers. Develops intermediate level competence on support topics
  • Provides feedback to more senior engineers or serviceability team on functionality of products based on engagements with customers. Provides feedback to the product group for product improvement
  • Identifies potential defects and escalates to more senior engineers to resolve
  • Applies broad knowledge of automated tools being used across other technologies and products. Provides feedback for tool improvement
  • Identifies and provides feedback to address process gaps in an effort to streamline processes and shares best practices broadly
  • Participates in case triage meetings and/or case discussions to share knowledge with other engineers and contribute to more rapid customer solutions. Utilizes learnings from triage meetings to identify and communicate readiness needs to manager or readiness team
  • Fulltime
Read More
Arrow Right

Technical Support Engineering - Entra ID Authentication

Within CE&S, the Customer Service & Support (CSS) organization builds trust and ...
Location
Location
Costa Rica , San José
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science, Information Technology (IT), or related field AND 1+ years of technical support, technical consulting experience, or information technology experience OR 3+ years of technical support, technical consulting experience, or information technology experience OR equivalent experience
  • 3+ years of technical background, enterprise experience, and knowledge in one or more of the following technologies: Authentication and Authorization Management, Enterprise level protocols (Kerberos, PKI, Oauth, SAML, WS-Fed, etc), Identity Management, Federation, Security Management, MFA
  • 3+ years of experience in troubleshooting or technical support in Azure Active Directory, Identity Synchronization Technologies (Dirsync, AAD Connect, FIM…etc), Active Directory Federation Services (ADFS) – or similar 3rd party experience (Shibboleth, CA SiteMinder, Okta, PING etc), Identity and Access Management, Office 365 Identity Management, Cloud Domain Management, Cloud User Management and configuration
  • Ability to work on rotational shifts, weekends or late shifts as needed
  • English Language: fluent in reading, writing and speaking
  • Ability to meet Microsoft, customer and / or government security screening requirements are required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud Background Check upon hire / transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Reviews complex issues (e.g., multiple components of a product) and contacts customers to understand issue
  • Ensures customers stay informed as to the status/solution of their issue
  • Utilizes troubleshooting tools (e.g., event logs, performance traces) to help resolve customer issues
  • Resolves customer issues through problem solving, collaboration, and research
  • May take escalated issues as needed
  • Documents technical work and research
  • Performs in-depth product troubleshooting and remediation when needed
  • Collaborates on cross-team and cross-product technical issues by working with resources from other groups as needed to resolve moderately complex customer issues
  • Assists in the implementation of end-to-end readiness programs (e.g., mentoring, knowledge sharing or technical document creation, brown bag sessions, blogs, quality assurance checks)
  • Develops readiness content
  • Fulltime
Read More
Arrow Right

Data Protection Operations Lead

As a key member of our team, you’ll drive operational excellence, foster innovat...
Location
Location
Canada
Salary
Salary:
101000.00 - 126000.00 CAD / Year
airbnb.com Logo
Airbnb
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of hands-on experience with Access and Privileged Access Management (PAM) operations in a technology-driven environment
  • Demonstrated experience in PAM operational tasks, including safe creation and management, privileged account onboarding, policy development, and least-privilege access model implementation
  • Solid background in identity and access management (IAM) principles and industry best practices
  • Experience with operationalizing Just-In-Time (JIT) privilege models, role-based access controls (RBAC), and enforcing Segregation of Duties (SoD)
  • Working knowledge of authentication protocols (e.g., SAML, OAuth, OpenID Connect, Active Directory, LDAP, Kerberos)
  • Familiarity with cloud-based privileged access management, including the classification and management of non-human identities (service accounts, API keys, etc.)
  • Strong understanding of security standards and regulatory frameworks (NIST, ISO/IEC, FFIEC) relevant to access management
  • Strong SQL abilities, including querying and dashboard creation
  • Clear, concise communication skills, with a proven ability to collaborate across engineering, security, product, and operational teams without a technical background to drive alignment and best-in-class solutions
  • Experience in documenting policies, procedures, and reporting on PAM-related risk and compliance metrics
Job Responsibility
Job Responsibility
  • Governance & Reporting: Measure, report, and govern privileged access controls to ensure compliance
  • Requirements & Implementation: Document and translate PAM (Privileged Access Management) requirements for technology partners, supporting efficient, modern, and sustainable solutions
  • Stakeholder Collaboration: Work cross-functionally to develop and iterate on PAM requirements across Process, Data, and Technology domains
  • Policy & Standards: Partner with the policy governance team to socialize and publish updates to the PAM Standard
  • Authentication & Security: Apply your mastery of authentication platforms (Active Directory, LDAP, Kerberos, Radius) and PAM principles (JIT provisioning) to make recommendations to policy and provisioning processes and technology teams
  • Regulatory Compliance: Ensure alignment with industry regulations and standards (NIST, ISO/IEC, FFIEC), particularly within financial services
  • Risk Management: Proactively identify, assess, and mitigate PAM risks, driving continuous improvement and accountability
  • Stakeholder Engagement: Report on existing and emerging PAM/information security risks to senior leadership with transparency and clarity
  • Quality Assurance: Design and execute thorough test strategies for privileged access processes, collaborate on defect resolution, and recommend improvements for usability, resilience, and security
  • Documentation: Maintain clear, comprehensive records of policies, approval processes, and test outcomes
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • Employee Travel Credits
  • Fulltime
Read More
Arrow Right

Technical Support Engineer - Windows Directory Services

As a Technical Support Engineer, you will own, troubleshoot, and solve customers...
Location
Location
Canada , Vancouver
Salary
Salary:
69600.00 - 130900.00 CAD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science, Information Technology (IT), or related field AND 1+ years of technical support, technical consulting experience, or information technology experience OR 3+ years of technical support, technical consulting experience, or information technology experience OR equivalent experience
  • Proficiency in verbal and written communication in English
  • For candidates residing in Quebec, proficiency in verbal and written communication in French is required
  • Ability to meet Microsoft, customer and / or government security screening requirements
  • Microsoft Cloud Background Check
  • Microsoft Technology Certifications
  • Windows System Administration, Configuration, including a good basic understanding of: Registry
  • User Accounts and Access Control
  • Event Logs and Auditing
  • Networking (TCP, IP)
Job Responsibility
Job Responsibility
  • Reviews complex issues and contacts customers to understand issue
  • Ensures customers stay informed as to the status/solution of their issue
  • Utilizes troubleshooting tools to help resolve customer issues
  • Resolves customer issues through problem solving, collaboration, and research
  • Documents technical work and research
  • Performs in-depth product troubleshooting and remediation when needed
  • Collaborates on cross-team and cross-product technical issues
  • Assists in the implementation of end-to-end readiness programs
  • Develops readiness content
  • Mentors new Technical Support Experts
  • Fulltime
Read More
Arrow Right

Senior Staff Identity and Access Management Engineer

GEICO is seeking an experienced Engineer with a passion for building high perfor...
Location
Location
United States , Chevy Chase; Palo Alto; Dallas; Seattle
Salary
Salary:
120000.00 - 260000.00 USD / Year
geico.com Logo
Geico
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of professional experience in technology or identity engineering
  • 8+ years of experience with security, identity, architecture, and design
  • 4+ years of experience with open-source frameworks is desired
  • 4+ years of experience with AWS, GCP, Azure, or another cloud service
  • 1+ years of people management experience
  • Bachelor’s degree in computer science, Information Systems, or equivalent education or work experience
  • Experience building the architecture and design (architecture, design patterns, reliability, and scaling) of new and current systems
  • Fluency in DevOps Concepts, Cloud Architecture, and the Software Development Lifecycle
  • Experience in security protocols and products: Understanding of Active Directory, Kerberos, LDAP, SAML, OAuth, and OIDC
  • Experience with continuous delivery and infrastructure as code
Job Responsibility
Job Responsibility
  • Lead execution and adoption of modern authentication and authorization mechanisms (SAML, OIDC/OAUTH2)
  • Engage peers and leaders at all levels
  • Consistently share best practices and improve processes within and across teams
  • Determine and support resource requirements, evaluate operational processes, measure outcomes to ensure desired results, and demonstrate adaptability and sponsoring continuous learning
  • Own the complete project lifecycle for application integrations of both on-premises and SaaS applications with our IGA platform
  • Collaborate with application team to implement tokenization solutions that reduce sensitive data exposure, thereby enhancing data security and minimizing the risk of unauthorized access
  • Stay at the forefront of emerging identity trends, technologies, and best practices, and apply this knowledge to enhance GEICO’s data protection strategies
  • Provide technical guidance and mentorship to the team, fostering a culture of innovation, collaboration, and continuous improvements
  • Collaborate with cross-functional teams, including security, compliance, and application teams to ensure the seamless integration and alignment of solutions with organizational goals
  • Build resilient and scalable architecture, driving innovation and cost efficiency
What we offer
What we offer
  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation
  • a 401K savings plan vested from day one that offers a 6% match
  • performance and recognition-based incentives
  • and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year
  • Fulltime
Read More
Arrow Right

Senior Software Engineer - Windows Debugging

We are looking to expand our team of Software Engineers (SWEs), that enables the...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND 4+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • 4+ years’ experience in software engineering or systems administration with Windows Client/Server
  • 4+ years’ experience in customer-facing site reliability, service engineer role or support engineer roles
  • Experience troubleshooting and data/log analysis skills (Perfmon/XPerf/ETL/ETW)
  • Ability to understand LSASS functionality, Kerberos protocol, and cloud authentication packages
  • Hands-on experience with Entra ID (client-side) and hybrid authentication scenarios bridging Active Directory and Entra ID
  • Technical proficiency, troubleshooting and learning attitude towards Microsoft M365 technologies
Job Responsibility
Job Responsibility
  • Collaborate with cross-functional teams across Microsoft to gather requirements, align on technical direction, and deliver high-quality software
  • Analyze product usage patterns and customer feedback to identify opportunities for feature enhancements and performance improvements
  • Implement and validate software changes through rigorous testing and continuous integration practices to ensure quality and reliability
  • Demonstrate leadership by taking ownership of projects, driving technical excellence, and fostering a collaborative team environment
  • Engage with other engineering teams to conduct code reviews, share best practices, and contribute to architectural decisions
  • Utilize debugging tools, performance profilers, and source code analysis to diagnose and resolve software issues efficiently
  • Maintain a customer-focused mindset by building intuitive, performant, and secure software that meets user needs and expectations
  • Fulltime
Read More
Arrow Right
Remote jobs Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy