AD Architect
Location: Irvine, CA - onsite
Microsoft Active Directory, SAML, AD Domain controller, MFA, AD Integration
• Lead AD architecture design for the DC Exit program, ensuring hybrid identity continuity.
• Deploy and optimize AD Domain Controllers on AWS EC2 with resilient topology.
• Create AD integration models for migrated Java/.NET, Oracle Exadata, and TIBCO workloads.
• Develop SAML/SSO and MFA authentication models for cloud-hosted applications.
• Define trust models, OU/GPO strategy, secure access controls, and DNS alignment.
• Map AD dependencies and authentication paths for all migration waves.
• Build automation (Terraform/Ansible/PowerShell) for provisioning and configuration.
• Provide runbooks, topology diagrams, HLD/LLD, and operational transition guidelines.
3. Cloud Experience Needed
• Hands-on deployment of AD on AWS, including multi-AZ design and replication setup.
• Experience with AWS Directory Services, DNS forwarding, hybrid authentication flows.
• Expertise integrating AD with AWS IAM, SAML providers, and MFA for cloud workloads.
• Strong understanding of AWS networking for identity: VPC, routing, SGs, DX/VPN/TGW.
• Knowledge of cloud security practices for identity, access, and compliance.
• Strong expertise in Microsoft Active Directory, multi-site design, FSMO roles, replication, and DNS integration.
• Hands-on experience deploying AD Domain Controllers on AWS with proper site/subnet design.
• Solid understanding of SAML, identity federation, and MFA enforcement for cloud applications.
• Experience supporting AD needs for Java/.NET apps, Oracle/SQL DBs, and TIBCO integrations.
• Strong knowledge of Windows Server 2016–2025 and AD integration for RHEL 7–9 systems.
• Skilled in GPOs, OU structures, certificate services, and security hardening standards.
• Familiar with automation using Terraform, Ansible, and PowerShell for AD operations.
• Ability to troubleshoot authentication issues, replication delays, and hybrid identity failures.
Essential Skills: AD Architect
Skills: Enterprise Application Architect
Experience Required: 10 & Above
SYSMIND LLC is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without any discrimination. We promote and support a diverse workforce at all levels in the company. All job offers are contingent upon completion of a satisfactory background check and reference checks. Additionally, passing a drug test may be required. All contractors intending to work on SYSMIND's W2 are "at will" employees.