Active Directory Engineer

Contract Duration: 6-7 months
Position Location: Remote

Position Overview:
We are seeking an experienced Active Directory (AD) Engineer with AWS expertise to supplement an existing team and provide Identity and Access Management (IAM) strategy recommendations. The ideal candidate will have a strong background in designing, building, and maintaining complex global directory environments with an emphasis on integrating and managing AD within AWS environments.

Key Responsibilities:

• Engineering, deploying, operationalizing, maintaining, and supporting tools associated with AD and AWS.
• Contributing to the engineering and support of AD and AWS-based IAM solutions as needed.
• Communicating service directions, features, and roadmaps for AD and AWS services.
• Providing technical leadership and guidance on AD and AWS integrations.
• Assisting with currency, patching, and AWS security configurations for AD systems.
• Liaising with and supporting operational teams in both AD and AWS environments.
• Participating in incident response for AD and AWS platforms as needed.
• Assisting in technology evaluations and proof of concept projects involving AWS.
• Contributing to disaster recovery planning and remediation of vulnerabilities within AD and AWS.
• Making recommendations for improving and securing the AD and AWS-integrated environment.
• Providing IAM strategy recommendations, including AWS Identity and Access Management best practices.

Required Experience:

• Senior-level AD Engineer with 10+ years of experience, including 5 years working with AWS.
• Experience in large enterprise environments.

Required Technical Skills & Experience:

• 10+ years in directory services engineering.
• 7+ years in IAM strategy development.
• 5 years of experience with AWS, including expertise in AWS Identity and Access Management, security services, and directory integration.
• Manufacturing industry experience.
• Strong understanding of AD and AWS security principles.
• Experience with implementing and maintaining AD tools, including:
  • Microsoft ATA/AATP/Defender for Identity.
  • Microsoft ADRES (Active Directory Recovery Execution Service).
  • Quest Tools (Change Auditor, Recovery Manager, Enterprise Reporter, Migration Manager).
  • Other equivalent AD and AWS management tools.
• Familiarity with supporting SOC processes, recovery testing, AD and AWS continuity, and disaster recovery.
• Experience with AD and AWS security capabilities:
  • Microsoft Defender Credential Guard.
  • Kerberos and NTLM protocols.
  • Group Policy Preferences administration.
  • Domain Controller communications and security.
  • Ransomware defense for directory services in AWS environments.

Required Soft Skills:

• Excellent interpersonal and communication skills in English (both written and spoken).
• Strong organizational skills with attention to detail.
• Strategic thinking balanced with a detail-oriented mindset.
• Team player, able to collaborate both in person and virtually (MS Teams or similar).
• Self-starter with the ability to take initiative.
• Flexibility to work across different time zones.

Preferred Skills:

• Experience with SAP Access Control.
• Certifications such as CISSP, CISM, or equivalent are a plus.