Job description

Job Description


    Job Title: Azure AD/Federation 

    Work Location: Atlanta, GA (Hybrid)
     

    Job Overview

    We are seeking an Azure Active Directory Migration Engineer to spearhead our Active Directory modernization initiatives. This key role involves designing and implementing an enterprise-grade Active Directory infrastructure, ensuring that directory services are secure, scalable, and highly available. The ideal candidate will lead the migration project through its various stages Discovery, Design, Build, and Migration while collaborating with internal and external stakeholders. A successful candidate will have extensive experience in enterprise-scale Active Directory migration services and a proven ability to communicate technical outcomes effectively to senior leadership.

    Key Responsibilities

    • Enterprise AD Design & Implementation: Design, plan, and deploy large-scale Active Directory environments. This includes configuring forests, domains, group policy objects (GPOs), organizational unit (OU) structures, and DNS architecture.
    • Migration Strategy Assessment: Evaluate the current Active Directory (AD) setup and develop a target state plan, incorporating Microsoft ID or hybrid solutions.
    • Lead Migration Initiatives: Oversee the migration from legacy directory services to modern Active Directory systems, ensuring minimal business disruption.
    • Security Best Practices: Implement and enforce security measures, including role-based access control (RBAC), authentication protocols, and group membership structures.
    • Cross-functional collaboration: Work closely with various teams to integrate Active Directory with identity management platforms, cloud services, and third-party applications.
    • Documentation & Standards: Develop and maintain comprehensive documentation, including configuration standards and operating procedures, related to Active Directory infrastructure.
    • Infrastructure Optimization: Conduct capacity planning, performance tuning, and troubleshooting for AD infrastructure components.
    • Backup/Recovery & Security: Ensure a robust backup and recovery plan for Active Directory while enhancing the security posture of directory services.
    • Technology & Security Awareness: Stay up to date with the latest technologies, trends, and security threats related to Active Directory and identity management.
       

    Required Expertise

    • Educational Background: Bachelor’s degree in Computer Science, Information Technology, or a related field is required. A Master’s degree is preferred.
    • Professional Experience: A minimum of 5+ years of experience in designing, deploying, and managing enterprise-scale Active Directory environments.
    • Azure AD Migration Expertise: In-depth knowledge of Azure Active Directory migration strategies and associated key controls.
    • AD Architecture Mastery: Strong understanding of Active Directory architecture, including domains, forests, trusts, replication, and site topology.
    • Automation Proficiency: Skilled in PowerShell scripting for automating tasks, configuration management, and reporting.
    • Experience with Identity Solutions: Hands-on experience with Active Directory Federation Services (AD FS), Azure Active Directory (AAD), and hybrid identity environments.
    • Directory Services Protocols: Proficient in LDAP, Kerberos, NTLM, and DNS protocols, with practical experience in these areas.
    • Migration & Consolidation: Experience in consolidating Domain Controllers and migrating users to Single Sign-On (SSO) providers such as Okta or ForgeRock.
    • Communication Skills: Excellent verbal and written communication skills, with the ability to explain complex technical concepts to both technical and non-technical stakeholders.
    • Certifications: Relevant industry certifications, such as Microsoft Certified: Azure Solutions Architect Expert or Microsoft Certified: Identity and Access Administrator Associate, are highly desirable.
       

    Qualification

    • Strong Knowledge of Single Sign-On (SSO) Components: Comprehensive understanding of the core elements and functionality of SSO systems.
    • Extensive Azure Active Directory Experience: Proven hands-on experience in designing, implementing, and managing complex Azure Active Directory (AD) environments.
    • Expertise in Identity Federation Protocols: Deep understanding of identity federation technologies like SAML, OAuth, and OpenID Connect.
    • Azure AD Security Configuration: Proficient in setting up and managing Azure AD Conditional Access policies to enforce robust security measures.
    • Azure Multi-Factor Authentication (MFA): Strong expertise in configuring and integrating Azure MFA with Azure AD and various applications to enhance security.
    • Effective Communication Skills: Ability to work collaboratively with a wide range of stakeholders, ensuring clear and effective communication across teams.
    • Preferred Certifications: Possessing certifications like Microsoft Certified: Azure Security Engineer Associate or Microsoft Certified: Identity and Access Administrator Associate is a valuable asset.