Senior Active Directory Specialist (Architect)

The Senior Active Directory Specialist is responsible for the Global design of the OT Active Directory (AD) environment for a 6 months contract period, ensuring optimal performance, security, and availability. This role plays a critical part in designing appropriate identity and access, enforcing security best practices, and supporting enterprise-wide authentication and directory services.

• Design the AD infrastructure, including domain controllers, DNS, DHCP, and Group Policy
• Suggest processes to Monitor, troubleshoot, and optimize AD to ensure stability and performance

• Develop IAM policies, procedures, and controls
• Design mechanisms and suggest procedures for user provisioning, de-provisioning, and access control in alignment with security policies (Design)

• Design AD security best practices, inline with current practices including MFA, security baselines, and privileged access management
• Suggest processes to conduct security audits, patching, and vulnerability assessments.

• Design AD disaster recovery and business continuity plans
• Design backup and recovery tests to ensure data integrity and availability

• Suggest PowerShell scripts to automate AD tasks such as account management and reporting
• Suggest automated monitoring and alerting solutions for AD performance and security

• Work with IT teams to plan integration of AD with cloud services (e.g., Azure AD, Office 365)
• Provide expert-level support for AD-related incidents and service requests

• Maintain detailed documentation of AD architecture, policies, and procedures

• Bachelors degree in Computer Science, Information Technology, or a related field
• 10+ years of experience managing and administering Active Directory in enterprise environments
• Expertise in Windows Server, DNS, DHCP, Group Policy, and PowerShell scripting
• Experience with Azure AD, ADFS, and identity federation
• Strong understanding of AD security hardening, MFA, PKI, and LDAP
• Familiarity with IAM tools such as Okta, CyberArk, or similar
• Excellent troubleshooting, analytical, and communication skills

• Microsoft Certified : Identity and Access Administrator Associate
• Microsoft Certified : Server Infrastructure (Must Have)
• Microsoft Certified : Cloud Platform and Infrastructure (Must Have)
• Microsoft Certified : Windows Server Hybrid Administrator Associate
• CompTIA Security+ or CISSP (Advantageous)
• Microsoft Azure Fundamentals or Azure Administrator Associate