Azure AD Engineer (HYBRID REMOTE)

Prism, Inc.
Washington, DC
28 Jan 2025

Vacancy expired!

This position is primarily remote. However, it requires being on-site 2x per month.Must be local to DC, MD, VA, or within 2 hours of commute.

Due to Federal Government Security Clearance Requirements: U.S. CitizenshipPRISM is seeking a Senior Active Directory Engineer to provide support, implementation, and design services for Microsoft’s on-premises and cloud identity platforms, including but not limited to Microsoft Windows Active Directory (AD), Microsoft Azure Active Directory (AAD), Microsoft Active Directory Federation Services (ADFS) and Microsoft Azure Application Proxy (AZAP). This role requires an in-depth knowledge of the Active Directory, Domain controllers, Azure Cloud, and proficiency in PowerShell scripting. As the AD engineer, you must have demonstrated prior and active experience managing multi-domain issues. In addition, I must be a self-starter who can work independently and be flexible in a fast-paced environment.

REQUIRED:
  • Bachelor’s degree with 10+ years of recent system engineering experience. Additional training and experience may be substituted instead of a degree.
  • Expert knowledge in administering AD, AAD, and ADFS in hybrid environments
  • Expert knowledge in administering AD and AAD support services such as AAD Conditional Access Policies, AAD Self-Service Password Reset (SSPR), AAD Connect, and Windows Server DNS
  • Expert knowledge in designing, testing, deploying and maintaining Active Directory Group Policy (GPO) to secure Domain Controllers, Domain Member Servers, and Domain Member Workstations
  • Expert analyzing security risks with proposed changes to AD, AAD, ADFS, AZAP, Domain Controllers, GPOs, etc. and providing an understandable summary of those risks to management for proper implementation decisions
  • Experience administering multiple AD forests with forest trusts.
  • Knowledge of third-party AD support services such as Quest Active Roles, Quest Change Auditor for AD
  • Knowledge of Microsoft Identity Manager
  • Knowledge of configuring, deploying, and onboarding applications for remote access via AZAP, including the use of Kerberos-constrained delegation (KCD) for Single Sign On.
  • Must have a deep and thorough understanding of monitoring best practices,
  • Extensive experience with infrastructure and server theories, principles, and concepts; application infrastructure and standards; networking fundamentals
  • Experience translating technical issues into understandable business language for end-users
  • Experience working with cyber security teams to actively update AAD conditional access policy and AD Group Policies as determined by cyber threats and operational requirements
  • Knowledge of Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) – as it pertains to Enterprise Domain design and support
  • Experience as a subject matter expert (SME) Senior Active Directory System Engineer or Architect in a large AD environment with the proven ability to coordinate technical efforts and resolve issues across multiple teams.
  • Strong working knowledge of Windows 2016 and 2019 Member Servers and Domain Controller operating systems platforms, DNS, networks, DMZs, network security zones
  • PowerShell scripting experience and capabilities
  • Expert knowledge of ADDS, ADFS, Azure AD, and Windows Server Operating Systems 2016 & up.
  • Hands-on expertise with Azure AD Connect and AD Cloud SaaS.
  • Clearable to obtain DoD Top Secret
  • ID: #48872153
  • State: District of Columbia Washington 00000 Washington USA
  • City: Washington
  • Salary: Depends on Experience
  • Job type: Permanent
  • Showed: 2023-01-28
  • Deadline: 2023-03-28
  • Category: Et cetera