Senior Infrastructure Engineer (Active Directory+) - 9501
The Senior Active Directory Engineer provides support, implementation, and design services for Microsoft Active Directory and Windows-based systems across the enterprise, including directory and identity management solutions. Resolves and appropriately completes assigned cases and change requests and acts as an escalation for support issues. Applies new solutions through research and collaboration with team and determines course of action for new application initiatives. Implements new software solutions as required by the business. The core infrastructure technology duties include enterprise Microsoft Active Directory and experience with an Enhanced Security Administrative Environment,(Privileged Access Workstations, Red/Blue Forests design, Domain Hardening, PIM/MIM, Server Core, etc), global system security and policy configuration, and top-level support for enterprise-wide initiatives.
This role requires an in depth knowledge of Active Directory, Federation, Windows Server 2012/2012 R2, 2016, Windows security, AD Proxy, Virtual Directory solutions and related technology.
- Produce enterprise-level designs for Active Directory and Windows File Services for global initiatives following those through to implementation via collaboration with project and support teams.
- Identify opportunities to innovate, extend and enhance service delivery everywhere possible.
- Partner on Root Cause Analysis and Problem Management for corporate Identity Management environment.
- Serves as escalation point for application support and troubleshooting, provides guidance and direction in resolution of escalated issues and/or complex production, application or system problems.
- Serves as the first line of escalation support for domain technology issues that cannot be resolved by tier one and two server support.
- Perform daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs.
- Install, configure, and maintain Active Directory and third party software utilities for hardware systems within company operational guidelines.
- Create and maintain system documentation for domain technologies, including installation, configuration, and appropriate troubleshooting steps.
- Improve existing processes through solutions to recurring problems and enhancements to existing solutions or documentation.
- Provide training as required
- Manage customer satisfaction through effectively communicating and managing customer expectations
- Manage and secure GSuite dependencies on Active Directory
- Experience working with Microsoft Identity technologies including Active Directory, Windows File Services, and Group Policies.
- Expert knowledge in administering Active Directory (AD) and GPO’s.
- Expert knowledge of AD, ADFS, PKI in Windows Server 2012, Windows Server 2012 R2/2016.
- Expert understanding of Active Directory FSMO roles and and domain trust relationships
- Expert knowledge of DNS, DHCP, WINS, DFS, in a Windows 2012 landscape.
- Knowledge of DNS technologies, Infoblox, Windows
- Knowledgeable in ongoing Active Directory domain and DNS maintenance and clean-up related activities
- Knowledge of, Microsoft Exchange, Quest Active Roles Server (ARS) are preferable.
- Advanced usage of automated scripted administration through Windows PowerShell
- Must have deep and thorough understanding of monitoring best practices, preferably with LogicMonitor and Microsoft System Center Operation Manager (SCOM) understanding and experience.
- Extensive experience with infrastructure and server theories, principles and concepts; application infrastructure and standards; networking fundamentals; Windows; Physical Server architecture; Virtualization Technologies (e.g. Hyper-V, VMware) and LAN/WAN/Firewall/VPN network technologies.
- Develops, documents, and enforces the standards, security procedures, and controls for access to ensure integrity of the Windows Systems, Active Directory, and related systems.
- Knowledge of server virtualization technologies, preferably Microsoft Hyper-V and/or VMware technologies
- ITIL v3 Certification.
- B.S. degree in a computer science, information technology, computer related discipline or 5+ years IT work experience in a global information technology infrastructure environment.
- Minimum 7 years overall IT experience with 3-5 years of experience working with Microsoft Identity technologies including Active Directory, Windows File Services, and Group Policies.
- Must show a progressive advancement in responsibility including deep troubleshooting technical skills.
- Must have an understanding of how to identify and instill industry best practices.
Ability to translate technical issues into understandable business language for end users.
- Desired experience working in a fast paced enterprise IT environment with a career track record of engineering, developing, deploying, and maintaining business critical systems in the area of technical expertise including hands on solution development and implementation experience.
- Must have excellent writing and communication skills, strong communicator with ability to maintain open communication with internal employees, contractors, managers, 3rd parties, and customers as needed