Remote FTE Active Directory Architect/leaning toward Security


$80,000 - $120,000
Full Time


Active DirectoryPAMAzureExchangePKIM365SharePointSCCM/MECM IntuneGPOS.PowerShell

Job Details

XMS Solutions is looking for an Active Directory Architect that has Security in their tool box.

Why do you want to work for US?  XMS is a private company run by former Microsoft Engineers that GET what today's TECH STARS are looking for.........

1) Benefits no other employer offers, starting with your insurance premiums paid in full by XMS

2) 3 Weeks Vacation & 8 Holidays when you start. Thats 23 paid work days!

3) 401K matched to 4%, you are eligible after ONLY 6 MONTHS!

4) Did I mention we pay for your DEDUCTABLES as well? Also this is for the employee AND

your eligible family member!

5) Your insurance benefits start on the first day of the month after you start! I started April 25 and I had insurance May 1 !

6) All salaried Engineers, Architects & Consultants are eligible for bonuses based on billable hours. These bonuses are paid MONTHLY!

7) Work with a group of A+ technical ROCKSTARS/ Oh and by the way, they are really NICE people too

8) Its REMOTE! We don't even have an office to go back to. 

9) Love what you do PLUS the company you work for! XMS is the place to be!


1) A high skill set in Active Directory, PAM, Azure, Exchange, PKI, M365, SharePoint, SCCM/MECM Intune, GPOS.

2) a great attitude with putting CUSTOMERS FIRST

3) a will to learn new things and grow with us

4) you got to be a NICE person! we don't work in a toxic environment

5) you can pass a background check 

6) you can gain security clearance with our assistance if needed


 Responsibilities include

  • Acts as an expert providing direction and guidance to process improvements and establishing policies.
  • Demonstrates technical leadership and exerts influence outside of the immediate team. Develops innovative team solutions to complex problems. Contributes to strategic direction for teams.
  • Applies in-depth or broad technical knowledge to provide maintenance solutions across one or more technology areas
  • Integrates technical expertise and business understanding to create superior solutions for the company and customers. 
  • Exercises significant independent judgment within broadly defined policies and practices to determine the best method for accomplishing work and achieving objectives.
  • Create and document detailed guides and tracking documents - for clients to leverage as part of Active Directory hardening and overall infrastructure enhancements.
  • Tier 3 level troubleshooting including diagnosing complex replication and multi domain issues.
  • Develop standards, target states, roadmaps, effectively communicating and obtaining consensus across architecture, engineering, and operations teams

Required Education & Experience

  • Expert knowledge administering AD and AAD support services such as AAD Conditional Access Policies, AAD Self-Service Password Reset (SSPR), AAD Connect and Windows Server DNS
  • Expert knowledge designing, testing, deploying and maintaining Active Directory Group Policy (GPO) for the purpose of securing Domain Controllers, Domain Member Servers and Domain Member Workstations
  • Expert analyzing security risks with proposed changed to AD, AAD, ADFS, AZAP, Domain Controllers, GPOs, etc. and providing an understandable summary of those risks to management for proper implementation decisions
  • Knowledge of third-party AD support services such as Quest Active Roles, Quest Change Auditor for AD
  • Knowledge on configuring, deploying and onboarding applications for remote access via AZAP, including the use of Kerberos constrained delegation (KCD) for Single Sign On.
  • Experience working with cyber security teams to actively update AAD conditional access policy and AD Group Policies as determined by cyber threats and operational requirements
  • Knowledge of Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) – as it pertains to Enterprise Domain design and support
  • Experience as a subject matter expert (SME) Senior Active Directory System Engineer or Architect in a large AD environment with the proven ability to coordinate technical efforts and resolve issues across multiple teams.
  • Strong working knowledge of Windows 2016 and 2019 Member Servers and Domain Controller operating systems platforms, DNS, networks, DMZs, network security zones
  • PowerShell scripting experience and capabilities

Hands-on expertise with Azure AD Connect and AD Cloud SaaS


Contact me at