Principal Active Directory and Azure AD IAM Engineer

Company: Macpower Digital Assets Edge

Location: Charlotte, NC 28269

Description:

Job Overview:
  • Serve as a subject matter expert for Directory Services (AD / AAD) under the IAM services portfolio
  • Perform in the capacity of AD / AAD Engineer
  • Understand how the service works from a business/end-user/technical perspective.
  • Have command of the service, including its capabilities and proper use
  • Execute proof-of-concepts guided by the Service Manager and Director
  • Complete assigned projects/tasks in a timely manner
  • Interact with key stakeholders and project/program teams to understand their requirements and architect solutions based on best practices
  • Ensure proper oversight for quality assurance of IAM artifacts
  • Architect, own, and maintain processes, metrics, and procedures
  • Enforce adherence to architectural standards/principles
  • Proactively provide feedback regarding infrastructure IAM engineering methodologies, standards, and leading projects
  • Minimize technical exposure and risk on projects
  • Deliver and manage a highly available, stable, and secure Directory Services environment
  • Drive value realization for the services and technology within the cybersecurity controls organization
  • Participate in the testing (e.g., planning and execution) related to performance, disaster recovery, and business continuity for AD and AAD
  • Work with the Solution Architect to onboard new technologies that can enhance the security of Active Directory and Azure Active Directory.
  • Design & implement new solutions like Windows Hello for Business, MFA, Conditional Access, TAP, Entra Lifecycle management, Secure Service Edge, Authentication strengths and Application management.
  • Understanding of the design and implementation of Microsoft Defender for Identity (MDI) on all domain controllers, including integrating it with a Syslog server and generating security events.
  • Understanding of the design and implementation of Conditional Access policies that enhance the security of identity, devices, and cloud applications as part of the Zero Trust methodology.
  • Understanding of the design and implementation of Quest On Demand Recovery, RMAD, and forest recovery for end-to-end disaster recovery of Active Directory and Azure AD.
  • Design and Implement Azure AD B2B.
  • Design and implement multifactor solutions
  • Understanding of ADFS
  • Managing day-to-day Changes, Escalations, and Incidents related to the internal AD & AAD infrastructure.
  • Configuring and Managing Active Directory infrastructure on Windows Server.
  • Good knowledge of PowerShell for Active Directory/Azure AD.
  • Administer the complete ADUC structure and make changes to the design
  • Active Directory Objects via Active Directory Users and Computers. Components Restriction, Folder Redirections, Software Deployment. Administrative Templates, Windows Settings, Group Policies.
  • Working on Azure AD and Azure AD Connect.
  • Collaborate with global team members based in the US, India, and EMEA.

MUST HAVE:
  • 4-7 years of hands-on engineering expertise in Active Directory (AD) and Azure AD (AAD), including design, implementation, and disaster recovery.
  • Proven experience architecting IAM solutions: Conditional Access, MFA, Zero Trust methodologies, and Defender for Identity (MDI).
  • Advanced PowerShell scripting for AD/AAD automation and administration.
  • Deep knowledge of hybrid identity systems: Azure AD Connect, ADFS, and Entra Lifecycle Management.
  • Experience securing AD/AAD: Windows Hello for Business, Secure Service Edge, B2B collaboration, and Group Policy Management.
  • Disaster recovery expertise: Quest tools (On Demand Recovery, RMAD), forest/domain recovery processes.
  • Microsoft certifications: Azure AD/IAM (e.g., SC-300, AZ-800/801) or equivalent practical experience.
  • Global collaboration: Experience working with distributed teams (US, EMEA, India).
