Active Directory L3 Architect

Job Description

In this role, the Architect is responsible for designing, implementing, and managing on-premises Active Directory and Azure Active Directory (AAD) environments. This position requires deep expertise in identity and access management, advanced troubleshooting, and architectural design for hybrid environments.

• Define and manage technical standards for Active Directory and Azure AD.
• Design and implement secure, scalable identity solutions for hybrid environments.
• Develop IAM policies, standards, and procedures aligned with compliance requirements.

• Handle Level 3 (L3) activities: critical incident resolution, change management, and complex troubleshooting.
• Maintain and optimize AD infrastructure (DNS, GPOs, replication, FSMO roles).
• Monitor Azure AD Connect Health portal for sync alerts and performance analytics.

• Configure and troubleshoot Azure AD Connect, synchronization policies, and staging servers.
• Implement SSO integrations using OAuth, OIDC, and SAML.
• Develop advanced Power Shell scripts and Graph API integrations for automation.

• Implement MFA, Conditional Access, and Privileged Identity Management (PIM).
• Ensure compliance through periodic audits and reporting.
• Manage disaster recovery planning for AADC and ADFS environments.

• Act as a trusted advisor for stakeholders and lead technical governance meetings.
• Provide knowledge transfer and mentoring to junior engineers.
• Participate in service reviews and strategic planning for IAM services.

• Active Directory (On-Prem)
• AD replication troubleshooting, schema updates, GPO management.
• DNS/DHCP provisioning and trust relationships.
• Azure AD
• Enterprise app registration, SSO configuration, certificate updates.
• Conditional Access, MFA, and identity lifecycle management.
• ADFS
• Federation setup, DR planning, certificate management.
• Automation
• Power Shell scripting for AD/AAD tasks.
• Experience with Microsoft Graph API for automation.
• Strong analytical and problem-solving skills.
• Excellent communication and stakeholder management.
• Ability to work in Agile environments and lead technical initiatives.
• Strategic thinking and business acumen.

• Minimum 8-10 years in AD/AAD engineering and architecture.
• Microsoft Certified:
  Azure Administrator Associate or Azure Solutions Architect Expert preferred.
• Domain knowledge of Retail or enterprise IT environments is a plus.

• Discretionary Annual Incentive.
• Comprehensive Medical Coverage:
  Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans.
• Family Support:
  Maternal & Parental Leaves.
• Insurance Options:
  Auto & Home Insurance, Identity Theft Protection.
• Convenience & Professional Growth:
  Commuter Benefits & Certification & Training Reimbursement.
• Time Off:
  Vacation, Time Off, Sick Leave & Holidays.
• Legal & Financial Assistance:
  Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.

$100,000-$130,000 a year

BACHELOR OF COMPUTER SCIENCE