VMware Administrator

Job description

Remote: Hybrid

We are seeking a Senior Active Directory Engineer to lead the design, implementation, and operation of an enterprise Active Directory environment as part of a major implementation project. This role requires deep technical expertise, strong architectural skills, and hands‑on delivery experience in complex AD environments.

The ideal candidate will have 10 years of experience working with Microsoft Active Directory in large‑scale or enterprise environments and will be comfortable owning the solution from architecture through steady‑state operations
.

• Design enterprise‑grade Active Directory architectures
  , including:
• Forest and domain design
• Trust relationships (internal and external)
• OU structure, delegation models, and naming standards
• Define Group Policy (GPO) strategy aligned with security and operational requirements
• Design identity lifecycle management processes (joiners, movers, leavers)
• Ensure architectural alignment with security and operational best practices

• Perform current‑state assessments of the customer’s AD environment
• Identify and remediate gaps related to:
• Security posture
• Performance and replication health
• Operational inefficiencies
• Technical debt from legacy configurations
• Improve and optimize:
• Group Policy Objects (cleanup, consolidation, redesign)
• AD Sites and Services and replication topology
• DNS and domain controller placement
• Implement non‑disruptive enhancements to existing environments, minimizing business impact
• Plan and execute phased improvement activities with clear risk mitigation and rollback strategies

• Implement AD security best practices
  , including:
• Tiered administration models (e.g., Tier 0/1/2)
• Privileged access management
• Secure administrative delegation
• Harden Active Directory against common attack vectors
• Support incident response related to identity or directory services
• Collaborate with security teams on identity-related controls

• Produce detailed architecture diagrams
  , implementation documents, and SOPs
• Create operational guides and troubleshooting documentation
• Conduct knowledge transfer sessions for operations and support teams

• 10 years of hands‑on experience with Microsoft Active Directory in enterprise environments
• Strong experience across the full AD lifecycle:
• Design
• Implementation
• Migration
• Operations
• Deep technical knowledge of:
• Active Directory Domain Services (AD DS)
• DNS and AD‑integrated DNS
• Group Policy design and troubleshooting
• AD replication and topology
• Proven experience leading AD implementation or transformation projects
• Strong Power Shell skills for AD administration and automation
• Solid understanding of Windows Server internals and authentication mechanisms (Kerberos, NTLM)

• Experience with hybrid identity solutions:
• Azure AD / Microsoft Entra
• Azure AD Connect / Cloud Sync
• Experience with:
• Multi‑forest or multi‑domain environments
• M&A‑related AD consolidation projects
• Familiarity with identity security tools (PAM, MFA integrations)
• Microsoft certifications (preferred, not mandatory):
• Windows Server
• Identity and Access Management
• Experience working in regulated or security‑sensitive environments

• Strong problem‑solving and analytical skills
• Ability to work independently and take ownership of critical systems
• Excellent communication skills for:
• Technical teams
• Project stakeholders
• Management
• Comfortable working in high‑pressure implementation environments
• Strong documentation and presentation skills