AD Architect - Hybrid Identity & Cloud IAM Lead

Microsoft Active Directory, SAML, AD Domain controller, MFA, AD Integration

• Lead AD architecture design for the DC Exit program, ensuring hybrid identity continuity.
• Deploy and optimize AD Domain Controllers on AWS EC2 with resilient topology.
• Create AD integration models for migrated Java/.NET, Oracle Exadata, and TIBCO workloads.
• Develop SAML/SSO and MFA authentication models for cloud-hosted applications.
• Define trust models, OU/GPO strategy, secure access controls, and DNS alignment.
• Map AD dependencies and authentication paths for all migration waves.
• Build automation (Terraform/Ansible/Power Shell) for provisioning and configuration.
• Provide runbooks, topology diagrams, HLD/LLD, and operational transition guidelines.
• Hands-on deployment of AD on AWS, including multi-AZ design and replication setup.
• Experience with AWS Directory Services, DNS forwarding, hybrid authentication flows.
• Expertise integrating AD with AWS IAM, SAML providers, and MFA for cloud workloads.
• Strong understanding of AWS networking for identity: VPC, routing, SGs, DX/VPN/TGW.
• Knowledge of cloud security practices for identity, access, and compliance.

• Strong expertise in Microsoft Active Directory, multi-site design, FSMO roles, replication, and DNS integration.
• Hands-on experience deploying AD Domain Controllers on AWS with proper site/subnet design.
• Solid understanding of SAML, identity federation, and MFA enforcement for cloud applications.
• Experience supporting AD needs for Java/.NET apps, Oracle/SQL DBs, and TIBCO integrations.
• Strong knowledge of Windows Server 2016–2025 and AD integration for RHEL 7–9 systems.
• Skilled in GPOs, OU structures, certificate services, and security hardening standards.
• Familiar with automation using Terraform, Ansible, and Power Shell for AD operations.
• Ability to troubleshoot authentication issues, replication delays, and hybrid identity failures.