Active Directory Architect

Must Have Technical/Functional Skills

In this role, the Architect is responsible for designing, implementing, and managing on-premises Active Directory and Azure Active Directory (AAD) environments.

This position requires deep expertise in identity and access management, advanced troubleshooting, and architectural design for hybrid environments.

Key Responsibilities

Architecture & Design

• Define and manage technical standards for Active Directory and Azure AD.
• Design and implement secure, scalable identity solutions for hybrid environments.
• Develop IAM policies, standards, and procedures aligned with compliance requirements.

Operations & Support

• Handle Level 3 (L3) activities: critical incident resolution, change management, and complex troubleshooting.
• Maintain and optimize AD infrastructure (DNS, GPOs, replication, FSMO roles).
• Monitor Azure AD Connect Health portal for sync alerts and performance analytics.

Integration & Automation

• Configure and troubleshoot Azure AD Connect, synchronization policies, and staging servers.
• Implement SSO integrations using OAuth, OIDC, and SAML.
• Develop advanced PowerShell scripts and Graph API integrations for automation.

Security & Compliance

• Implement MFA, Conditional Access, and Privileged Identity Management (PIM).
• Ensure compliance through periodic audits and reporting.
• Manage disaster recovery planning for AADC and ADFS environments.

Collaboration & Governance

• Act as a trusted advisor for stakeholders and lead technical governance meetings.
• Provide knowledge transfer and mentoring to junior engineers.
• Participate in service reviews and strategic planning for IAM services.

Required Technical Skills

• Active Directory (On-Prem)
• AD replication troubleshooting, schema updates, GPO management.
• DNS/DHCP provisioning and trust relationships.
• Azure AD
• Enterprise app registration, SSO configuration, certificate updates.
• Conditional Access, MFA, and identity lifecycle management.
• ADFS
• Federation setup, DR planning, certificate management.
• Automation
• PowerShell scripting for AD/AAD tasks.
• Experience with Microsoft Graph API for automation.
• Behavioral Competencies
• Strong analytical and problem-solving skills.
• Excellent communication and stakeh older management.
• Ability to work in Agile environments and lead technical initiatives.
• Strategic thinking and business acumen.

Experience & Certifications

• Experience: Minimum 8-10 years in AD/AAD engineering and architecture.
• Certifications: Microsoft Certified: Azure Administrator Associate or Azure Solutions Architect Expert preferred.
• Domain Knowledge: Retail or enterprise IT environments is a plus.