Job Title: Senior Directory Infrastructure Engineer
Location: Washington DC / Remote
Interview: In-person - Local candidates are highly preferred
Overview
The client’s Security and Engineering Team seeks a Senior Directory Infrastructure Engineer with advanced expertise in enterprise identity platforms. The role focuses on architecting, implementing, and managing complex directory services environments, with a particular emphasis on Active Directory (AD), Entra ID (formerly Azure AD), OKTA Universal Directory, and LDAP. This position requires hands-on experience with directory lifecycle management, automation, integration, and security in large-scale, multi-domain, and hybrid environments.
Key Technical Responsibilities
• Design & Implementation
  • Architect, deploy, and maintain enterprise directory services, including multi-forest Active Directory, Entra ID, and OKTA Universal Directory.
  • Lead domain consolidation, migration, and forest restructuring projects, including cross-domain and cross-forest trust design.
  • Plan and execute AD domain lifecycle operations: creation, upgrade, maintenance, and decommissioning.
• Automation & Integration
  • Develop and maintain advanced PowerShell scripts to automate directory management, reporting, and remediation.
  • Integrate directory services with external systems using Microsoft Graph API and REST APIs for custom workflows and provisioning.
  • Implement and manage directory synchronization technologies (e.g., Azure AD Connect, OKTA integration agents).
• Security & Compliance
  • Apply identity security best practices, including Privileged Identity Management (PIM), Just-In-Time (JIT) access, and continuous access validation.
  • Design and enforce security policies for directory infrastructure, including Group Policy Objects (GPOs), access controls, and audit logging.
  • Develop and test disaster recovery and business continuity plans for directory services.
• Monitoring & Optimization
  • Establish domain health monitoring, alerting, and proactive maintenance procedures.
  • Optimize domain controller sizing, placement, replication topology, and performance.
  • Maintain comprehensive documentation for directory architecture, operational procedures, and incident response.
• Support & Escalation
  • Provide Tier 3 escalation support for critical directory service incidents and troubleshooting.
Required Technical Qualifications
• Minimum 5 years of hands-on experience with enterprise directory services (Active Directory, Entra ID, OKTA Universal Directory, LDAP).
• Demonstrated expertise in AD domain lifecycle management (creation, upgrade, decommissioning).
• Advanced PowerShell scripting skills with a portfolio of automation solutions for directory management.
• Proven experience integrating directory services with Microsoft Graph API and REST APIs.
• Deep knowledge of directory synchronization (Azure AD Connect, OKTA agents).
• Experience with multi-forest, hybrid identity, and cross-platform directory architectures.
• Strong understanding of identity security frameworks, compliance, and modern authentication protocols (SAML, OAuth, OIDC).
Preferred Technical Qualifications
• Relevant certifications: Microsoft 365 Certified: Identity and Access Administrator, OKTA Professional, etc.
• Experience with Infrastructure as Code (IaC) tools (Terraform, Ansible) for directory infrastructure automation.
• Expertise in Group Policy design, management, and troubleshooting.
• Experience with domain controller performance optimization and functional level upgrades.
• Familiarity with CI/CD pipelines for infrastructure automation.
• Experience implementing Zero Trust architecture principles in directory environments.
Note: Candidates must provide evidence of previous project leadership in large-scale directory migrations, automation, and integration initiatives.
Please share your resume in Word format, along with your work status and expected rate.