Senior Active Directory Specialist (Architect)

The Senior Active Directory Specialist is responsible for the design of the OT Active Directory (AD) environment ensuring optimal performance, security, and availability. This role plays a critical part in designing appropriate identity and access, enforcing security best practices, and supporting enterprise-wide authentication and directory services.

• Responsible for the design of the OT Active Directory (AD) environment. Active Directory Administration
• Design the AD infrastructure, including domain controllers, DNS, DHCP, and Group Policy.
• Suggest processes to monitor, troubleshoot, and optimize AD to ensure stability and performance. Identity and Access Management (IAM)
• Develop IAM policies, procedures, and controls.
• Design mechanisms and suggest procedures for user provisioning, and access control in alignment with security policies.
• Security and Compliance
• Design AD security best practices in line with current practices including MFA, security baselines, and privileged access management.
• Suggest processes to conduct security audits, patching, and vulnerability assessments.
• Disaster Recovery and Backup
• Design AD disaster recovery and business continuity plans.
• Design backup and recovery tests to ensure data integrity and availability.
• Scripting and Automation
• Suggest PowerShell scripts to automate AD tasks such as account management and reporting.
• Suggest automated monitoring and alerting solutions for AD performance and security.
• Collaboration and Support
• Work with IT teams to plan integration of AD with cloud services (e.g., Azure AD, Office 365).
• Provide expert-level support for AD-related incidents and service requests.
• Documentation and Reporting
• Maintain detailed documentation of AD architecture, policies, and procedures.

• Matric and Bachelor's degree in Computer Science, Information Technology, or a related field.
• 10+ years of experience managing and administering Active Directory in enterprise environments.
• Microsoft Certified: Server Infrastructure (Must Have)
• Microsoft Certified: Cloud Platform and Infrastructure (Must Have)
• Expertise in Windows Server, DNS, DHCP, Group Policy, and PowerShell scripting.
• Experience with Azure AD, ADFS, and identity federation.
• Strong understanding of AD security hardening, MFA, PKI, and LDAP.
• Familiarity with IAM tools such as Okta, CyberArk, or similar.
• Excellent troubleshooting, analytical, and communication skills.

• Microsoft Certified: Identity and Access Administrator Associate
• Microsoft Certified: Windows Server Hybrid Administrator Associate
• CompTIA Security+ or CISSP (Advantageous)
• Microsoft Azure Fundamentals or Azure Administrator Associate