EUS Active Directory Engineer

JOB SUMMARY

The Active Directory Engineer is responsible for the design, administration, security, and lifecycle management of the organization’s identity and directory services. This role ensures the stability, integrity, and availability of Active Directory (AD), Azure Active Directory (AAD), Group Policy Objects (GPOs), DNS, DHCP, and related IAM components.

The engineer works closely with Infrastructure, Security, Applications, and End User Services teams to ensure directory services meet organizational needs and comply with security and compliance standards. The role requires deep technical expertise, strong analytical skills, and a proactive, collaborative approach to problem-solving in a fast-paced, multi-client environment.

Success in this role requires consistency, attention to detail, excellent communication, and the ability to support both operational tasks and strategic initiatives, including modernization, automation, and identity governance improvements.

JOB RESPONSIBILITIES:

 Active Directory & Identity Management

• Administer and maintain on-premises Active Directory and Azure AD (AAD).
• Create, manage, and audit user accounts, security groups, and service accounts.
• Design, implement, and maintain Group Policy Objects (GPOs) for security and configuration management.
• Manage multi-domain or multi-forest environments as required.

Security & Compliance

• Implement and maintain security policies aligned with IAM standards.
• Support MFA, Conditional Access, and identity protection configurations.
• Perform regular AD health checks, security baselines, and compliance audits.
• Collaborate with Security teams to address vulnerabilities and harden AD environments.

Infrastructure Operations

• Manage DNS, DHCP, Sites & Services, replication, and time synchronization.
• Troubleshoot AD authentication, access issues, trust relationships, and domain controller performance.
• Support server patching, upgrades, and lifecycle management of directory services.

Projects & Continuous Improvement

• Participate in identity modernization initiatives (e.g., hybrid identity, SSO, automation).
• Collaborate on IAM and Zero Trust roadmap activities.
• Document policies, procedures, diagrams, and operational workflows.
• Drive improvements in automation (PowerShell, Intune integrations, AAD automation) to streamline operations.

Collaboration

• Work closely with End User Services, Infrastructure, Security, Application teams, and external clients.
• Provide technical guidance and support to internal teams and cross-functional stakeholders.
• Escalate and communicate clearly in multi-client service environments

POSITION REQUIREMENTS – TECHNICAL SKILLS

• 3+ years of experience managing Active Directory and Azure AD environments.
• Strong knowledge of GPO design, implementation, and troubleshooting.
• Expertise in DNS, DHCP, and identity-related networking concepts.
• Experience with hybrid identity, AAD Connect, and synchronization troubleshooting.
• Proficiency in PowerShell for automation and administration.
• Experience with MFA, Conditional Access, RBAC, and identity governance tools.
• Familiarity with Intune/MEM, SCCM, or similar endpoint management solutions (preferred).
• Understanding Zero Trust, OAuth, SAML, and modern authentication protocols (preferred).

POSITION QUALIFICATIONS - EDUCATION

• Bachelor’s degree in IT or related field.

RELEVANT CERTIFICATIONS (PLUS)

• Microsoft 365 Certified: Identity and Access Administrator
• Microsoft 365 Certified: Modern Desktop Administrator
• Azure Administrator Associate
• CompTIA Security+ or equivalent
• ITIL Foundation certification.

PROFESSIONAL SKILLS

• Strong verbal and written communication skills in English.
• Analytical mindset and strong troubleshooting skills.
• Proactive, organized, and able to manage multiple priorities.
• Customer-oriented with the ability to operate in multi-client environments.

​