Active Directory Systems Architect
12 month daily rate contract
- To work with the technical and functional staff to analyse requirements and develop enhancements within the AD/ADCS environment.
- To ensure the ongoing stability and overall health of the Active Directory environments (including Azure AD).
- To develop custom reports as required.
- Conduct analysis of existing solutions/processes document any gaps, and redesign (if necessary).
- Design and build a test/development sandbox environment.
- Troubleshooting application/solution issues and problem analysis, technical investigation, and resolution of support queries and escalations.
- To maintain, upgrade and patch the AD environments, ensuring minimal downtime and maximum performance and stability in line with best practices.
- Resource and Capacity Planning.
- To review and advise on restructuring of existing group policy objects
- 1Perform planning and clean-up of redundant AD objects (Users, Groups, Computer objects)
- To advise on and implement OS Hardening as required
- To advise on and desktop security best practices, specifically in a Windows 10 context
- To assess and provide advice on the restriction of local and domain wide rights and permissions
- Documentation of critical AD tasks.
- Support the Identity team and other colleagues through mentoring, documentation, coaching and knowledge sharing, with a focus on continuous improvement and service delivery
- To review and advise on Azure Identity Management and Governance.
- To provide advice and guidance on the implementation of Privileged Access Management (PAM)/Just in Time Admin (JITA)/Just Enough Admin (JEA)
Technical Knowledge of:
- Designing, administering, and maintaining Active Directory, installation, and upgrades (DC and schema upgrades), and OS level patching.
- Group Policy Administration.
- Active Directory Backup/Restore, from object level restore to full DR recovery
- AD Security including hardening Servers/Workstations using MS Baselines via Group Policy (e.g. Deploying AppLocker)
- AD PowerShell scripting
- Azure AD Administration
- Advanced security methodologies (PAM/JITA/JEA)
Experience with the following associated technologies
- Active Directory Federated Services
- Microsoft Identity Manager
- Troubleshooting & Root Cause Analysis within Active Directory environments
The Candidate must have the following qualification
- MCSE Microsoft Professional Certification in an AD related discipline,
- Equivalent MS approved certification