Active Directory Specialist

We are seeking a strong Active Directory Specialist with hands‐on technical experience and architectural insight, capable of assessing, designing, and remediating complex AD environments.

Your responsibilities: (Up to 10, Avoid repetition)

• Review existing AD tiering policies and progress completed to date in collaboration with customer’s stakeholders
• Finalise inventory and scope of remaining tiering-related activities
• Validate business and application ownership and confirm alignment with the AD tiering model
• Assess cross-tier system dependencies and associated risks
• Review and remediate service accounts and scheduled tasks
• Finalise technical configurations, deployment activities, risks, and mitigation plans
• Implement changes to server objects, Active Directory groups, and user configurations
• Validate functionality and access post-change"

Your Profile

Essential skills/knowledge/experience: (Up to 10, Avoid repetition)

Core Experience & Skills

The ideal candidate must demonstrate:

Deep hands‐on experience with Microsoft Active Directory

• Strong understanding of AD architecture, including forests, domains, trusts, sites, and replication
• Practical experience managing large, complex, enterprise AD environments
• Ability to operate confidently at both design and implementation levels

Active Directory architecture and design expertise

• Experience reviewing and defining AD target‐state architectures
• Clear understanding of how AD design decisions impact security, operations, and scalability
• Strong knowledge of identity, authentication, and authorization flows

AD Tiering and security model expertise

• Proven understanding of AD Tiering concepts (Tier 0, Tier 1, Tier 2)
• Ability to assess environments for tiering misalignment and security risk
• Experience designing and implementing tier‐aware access models, including:
• Privileged access segregation
• Admin role separation
• Secure administrative workstations (SAWs) or equivalent concepts

Organisational Unit (OU) structure design and analysis

• Experience designing, rationalising, and refactoring OU structures
• Strong understanding of OU‐based:
• Delegation models
• Group Policy inheritance
• Administrative boundaries
• Ability to assess the operational and security impact of OU changes

Roles, delegation, and administrative model understanding

• Strong knowledge of AD roles, permissions, and delegated administration
• Ability to analyse existing role assignments, identify excessive privilege, and recommend remediation
• Experience assessing and mitigating risks associated with:
• Domain Admin usage
• Delegated OU permissions
• Service accounts and scheduled tasks

Gap analysis & assessment capability

• Ability to conduct structured gap analysis between:
• Current‐state environment
• Target‐state architecture and security standards
• Comfortable reviewing and analysing: Existing configurations, Operational practices &Security controls and exceptions
• Capable of producing clear findings, risks, and recommendations

Desirable skills/knowledge/experience: (As applicable)

• Translate technical findings into clear recommendations for both technical and non‐technical stakeholders
• Exposure to identity governance tools or controlled AD administration solutions (e.g. Active Roles, PAM/PIM tools)
• Understand the business and application impact of AD changes
• Work collaboratively with security, infrastructure, and application teams
• Produce implementation‐ready designs, runbooks, and remediation plans
• Strong Communication skills to articulate and understand customer requirements
• Understanding of Azure Entra for the On-prem to Cloud AD object synchronisation
• Handon experience working with Collaborative tools Like Jira, Kanban , Azure Dev for updating the tasks
• Knowledge of ITSM process and tool BMC remedy for logging and updating changes