Job ID: JOB_ID_4252
Job Summary:
We are seeking a highly experienced Active Directory Architect with over 10 years of experience to lead the design and implementation of enterprise-scale Active Directory architectures. This role requires deep expertise in various AD components, including domain/forest models, Group Policy, AD security, DNS/DHCP, and Azure AD integration. The ideal candidate will possess strong PowerShell automation skills and a solid understanding of networking and zero-trust principles.
Key Responsibilities:
- Active Directory Architecture & Design: Lead the design and implementation of enterprise-scale Active Directory architectures. Architect domain/forest structures, OU design, Group Policy frameworks, and AD security baselines. Define AD governance, naming conventions, delegation models, and identity lifecycle standards. Oversee AD replication, domain controller placement, and Site/Subnet configurations. Design and implement secure authentication models (Kerberos, LDAP/S, NTLM hardening).
- Identity & Access Management: Architect solutions for IAM, including RBAC, least privilege models, privileged access management (PAM), and SSO/MFA. Lead integration between on-prem Active Directory and Azure AD (Cloud Hybrid Identity). Oversee Azure AD Connect, federation services (ADFS), Conditional Access, and identity governance.
- Windows Infrastructure Architecture: Design and standardize Windows Server builds, hardening baselines, and automation frameworks. Architect solutions for patching, configuration management, and OS lifecycle management. Provide architecture leadership for virtualization platforms (VMware/Hyper-V) as they relate to Windows workloads.
- Security & Compliance: Lead identity and Windows security posture improvements using Entra ID Protection, Conditional Access, and MFA. Work closely with the security team to design secure AD and Windows infrastructures aligned with zero-trust principles. Drive remediation of AD vulnerabilities, legacy protocols, and misconfigurations. Support identity governance audits, compliance assessments, and security reviews.
- Automation & Optimization: Architect automation solutions using PowerShell, DSC, and modern configuration tools (Intune/SCCM). Recommend improvements to performance, reliability, identity workflow, and user provisioning.
- Cross-Functional Leadership: Serve as the enterprise SME for AD, Windows, and identity services. Lead technical workshops, design reviews, and architectural discussions.
Required Skills:
- 10+ years of experience in Active Directory architecture and design.
- Proven experience architecting AD in large, multi-domain, multi-site enterprise environments.
- Deep expertise in: Domain/Forest model design, Group Policy architecture, AD security & hardening, DNS/DHCP, Azure AD & Hybrid Identity, Federation & SSO models (ADFS, OAuth, SAML).
- Strong PowerShell automation skills.
- Solid understanding of networking (TCP/IP, routing, firewalls, load balancers).
- Familiarity with zero-trust and identity security frameworks.
- Experience with identity and access management (IAM) solutions.
- Knowledge of Windows Server operating systems and infrastructure.
- Experience with virtualization platforms (VMware/Hyper-V).
- Excellent communication and leadership skills.
Additional Information:
- This is a contract position.
- The rate is $65/hr.
Special Requirements
Must be an Active Directory expert/architect.
Compensation & Location
Salary: $65 – $75 per year
Location: Ada, MI
Recruiter / Company – Contact Information
Email: na@squarehiring.com