Title : IAM Engineer With Azure AD and Entra ID
Location : Ada, MI , Kent County (onsite)
Duration : 12+ Months
Rate : $50/hr on w2
Relevant Experience 8 to 10 Yr
Required Skills:
• Proven experience architecting AD in large, multi-domain, multi-site enterprise environments.
• Deep expertise in:
o Domain/Forest model design
o Group Policy architecture
o AD security & hardening
o DNS/DHCP
o Azure AD & Hybrid Identity
o Federation & SSO models (ADFS, OAuth, SAML)
• Strong PowerShell automation skills.
• Solid understanding of networking (TCP/IP, routing, firewalls, load balancers).
• Familiarity with zero-trust and identity security frameworks.
Key Responsibilities:
Active Directory Architecture & Design
• Lead the design and implementation of enterprise-scale Active Directory architectures.
• Architect domain/forest structures, OU design, Group Policy frameworks, and AD security baselines.
• Define AD governance, naming conventions, delegation models, and identity lifecycle standards.
• Oversee AD replication, domain controller placement, and Site/Subnet configurations.
• Design and implement secure authentication models (Kerberos, LDAP/S, NTLM hardening).
Identity & Access Management
• Architect solutions for IAM, including RBAC, least privilege models, privileged access management (PAM), and SSO/MFA.
• Lead integration between on-prem Active Directory and Azure AD (Cloud Hybrid Identity).
• Oversee Azure AD Connect, federation services (ADFS), Conditional Access, and identity governance.
Windows Infrastructure Architecture
• Design and standardize Windows Server builds, hardening baselines, and automation frameworks.
• Architect solutions for patching, configuration management, and OS lifecycle management.
• Provide architecture leadership for virtualization platforms (VMware/Hyper-V) as they relate to Windows workloads.
Security & Compliance
• Lead identity and Windows security posture improvements using Entra ID Protection, Conditional Access, and MFA.
• Work closely with the security team to design secure AD and Windows infrastructures aligned with zero-trust principles.
• Drive remediation of AD vulnerabilities, legacy protocols, and misconfigurations.
• Support identity governance audits, compliance assessments, and security reviews.
Automation & Optimization
• Architect automation solutions using PowerShell, DSC, and modern configuration tools (Intune/SCCM).
• Recommend improvements to performance, reliability, identity workflow, and user provisioning.
Cross-Functional Leadership
• Serve as the enterprise SME for AD, Windows, and identity services..
Must Skills:
RBAC models
PAM strategy
ADFS
AD security hardening
Zero Trust architecture
Thanks & regards,
Anitha golla
Technical Recruiter | ASCII Group, LLC
Email: - Desk -
38345 W. 10 Mile Rd, Ste.#365; Farmington, MI 48335
Website: