Job Description:Parsons is looking for an amazingly talented Principal Entra ID & Active Directory Engineer to join our team! In this role you will get to establish and lead a dedicated Microsoft Entra ID and on-premises Active Directory Support team supporting both commercial and U.S. Federal environments.
What You'll Be Doing:Key Responsibilities - Technical Leadership & Operations- Serve as the hands-on technical lead and subject matter expert for Entra ID and Active Directory environments across commercial and U.S. Federal tenants.
- Establish and operate a centralized Entra ID and Active Directory support function, including support models, standards, and escalation processes.
- Lead incident response, root-cause analysis, and long-term remediation for directory-related issues.
- Partner with IAM, Security, Infrastructure, and Compliance teams while maintaining clear ownership boundaries.
- Identify and engage subject matter experts and shared service resources across the organization to enhance supportability, operational efficiency, and scalability of existing platforms and environments.
- Acting as escalation point for directory/domain issues.
- Root Cause Analysis and Problem Management.
- SME advisory posture for directory and identity platforms.
- Analyzing the environment and driving continuous improvement plans.
- Managing stakeholder expectations through clear technical communication.
- Manage and coordinate identity related external DNS records (such as Entra ID custom domain validation, authentication related records, and federation dependencies), working with network or hosting teams as needed.
Entra ID & Active Directory Administration- Administer Microsoft Entra ID (Azure AD) tenants.
- Administer on-premises Active Directory forests and domains.
- Support hybrid identity configurations such as Entra Connect and cloud sync.
- Manage directory objects, groups, roles, and service accounts.
- Support directory-dependent enterprise applications from a platform perspective.
- AD Windows Server functional support (GPO, DNS, DHCP, DFS, PKI, ADFS, NTFS).
- Installation, configuration, and troubleshooting of AD, Entra ID, Azure AD DS.
- Active Directory schema updates.
- Experience with Microsoft Entra ID Conditional Access Policies.
- Expert-level AD and Entra ID platform knowledge.
- AD replication, Sites & Services, FSMO roles.
- Directory-level backup and disaster recovery support.
Automation & Engineering- Automate Entra ID/AD operational tasks using Microsoft Graph and PowerShell to reduce manual work and improve consistency.
- Operationalize directory automation via Azure Automation and/or Logic Apps for repeatable checks, reporting, and housekeeping.
- Advise and enable IAM-owned automation patterns without taking ownership of IAM governance execution.
- Improve directory hygiene through automated validation, monitoring, and actionable operational insights.
- Directory hygiene automation.
- Operational checks and validation.
- Platform-level lifecycle housekeeping (not IAM governance).
- Tooling (Graph, PowerShell, Azure Automation, Logic Apps).
Compliance & Federal Environment Support- Operate directory services in alignment with U.S. Federal regulatory requirements including NIST 800-53, NIST 800-171, CMMC, and FedRAMP.
- Support audit readiness through documentation and evidence collection.
- Collaborate with Security and Compliance teams to remediate directory-related findings.
- NIST, CMMC, FedRAMP, SOX, DFARS, GDPR support.
- Audit readiness, evidence collection.
- Remediation of directory-related findings.
- Alignment with federal and regulated environment expectations.
What Required Skills You'll Bring:- 8+ years of Active Directory experience in enterprise environments.
- 5+ years administering Microsoft Entra ID (Azure AD).
- Experience supporting commercial and U.S. Federal environments.
- Strong proficiency in PowerShell, Microsoft Graph or equivalent Microsoft-supported scripting and automation tooling used for Entra ID and Active Directory operations.
- Must be a U.S. Person as defined by applicable U.S. government regulations due to access to controlled or export-restricted information.
- Experience with integrating Active Directory and Entra Id with Okta or other IdPs.
What Desired Skills You'll Bring:- Experience with GCC or GCC High environments.
- Familiarity with Zero Trust principles.
- Experience modernizing large-scale Active Directory environments.
Security Clearance Requirement:None
This position is part of our Corporate team.
Salary Range: $112,200.00 - $196,400.00
We value our employees and want our employees to take care of their overall wellbeing, which is why we offer best-in-class benefits such as medical, dental, vision, paid time off, Employee Stock Ownership Plan (ESOP), 401(k), life insurance, flexible work schedules, and holidays to fit your busy lifestyle!
This position will be posted for a minimum of 3 days and will continue to be posted for an average of 30 days until a qualified applicant is selected or the position has been cancelled.
