Virginia Tech · 20 hours ago

Active Directory Specialist

United States

Full-time

Remote

Senior Level

$80K/yr - $120K/yr

Maximize your interview chances

EducationHigher Education

Growth Opportunities

No H1B

Hiring Manager

Ryan Flanary

Insider Connection @Virginia Tech

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

• Active Directory and Entra ID Architecture and Security: Lead the design and implementation of secure AD and Entra ID environments, ensuring adherence to security best practices and organizational compliance requirements.

• Identity and Access Management (IAM): Architect, implement, and manage IAM solutions, including authentication protocols (SAML, OAuth, OIDC, Kerberos) and privileged access management (PAM\PIM).

• Policy Development and Compliance: Establish and maintain security policies for directory services, ensuring compliance with regulations such as FERPA and aligning with security frameworks like Zero Trust.

• Security Auditing and Monitoring: Regularly conduct security audits of AD and Entra ID; analyze security logs, identify vulnerabilities, and lead incident response efforts to mitigate threats.

• IAM Roadmap and Strategy Development: Develop and maintain an IAM roadmap, ensuring alignment with organizational goals, evolving security standards, and emerging threats.

• Technical Leadership and Collaboration: Provide technical leadership on AD/Entra ID security matters, collaborate with operational teams to enhance security practices, and reduce drift in directory services.

• Automation and Tool Development: Utilize scripting tools such as PowerShell and Microsoft Graph API to automate tasks and enhance security monitoring and reporting capabilities.

• Documentation and Knowledge Transfer: Create and maintain documentation for all technical processes and contribute to training materials and knowledge base articles to ensure effective knowledge transfer.

• Incident Response and Remediation: Lead incident response activities related to identity-based security events, including vulnerability assessments, patch management, and security remediations.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Active DirectoryEntra IDAccess ManagementMicrosoft Active Directory SolutionsSAMLOAuthOIDCKerberosPrivileged Access ManagementGroup PoliciesAzure AD Conditional AccessAzure AD Privileged Identity ManagementPowerShellMicrosoft Graph APICybersecurity AuditingRemediationCISSPAzure Security Engineer AssociateMicrosoft Certified IdentityAccess AdministratorCCSPCISM

Required

Master's degree in computer science, information systems, IT-related field, or a combination of education, training, and/or work experience equivalent to a Master’s degree

Significant experience in global IT infrastructure, with extensive experience in AD/Entra ID architecture, including design, deployment, and optimization of complex directory environments.

Proven experience planning, creating and running complete Microsoft Active Directory solutions.

Demonstrated experience in conducting security audits and hardening of AD environments, implementing secure Group Policies (GPOs), configuring Azure AD Conditional Access policies, and managing privileged access through tools like Azure AD Privileged Identity Management (PIM) to reduce security risks and enforce compliance.

Strong scripting and automation skills, particularly with PowerShell and Microsoft Graph API.

Experience with cybersecurity auditing, remediation, and IAM best practices.

Strong problem-solving, communication, and analytical skills, with the ability to collaborate across different teams and time zones.