Principal Active Directory Engineer
Role details
Job location
Tech stack
Job description
We are seeking a highly skilled and experienced Principal Active Directory Engineer to join our IT Infrastructure team. The ideal candidate will be responsible for architecting, implementing, and managing our Active Directory (AD) environment. This role involves maintaining the integrity, security, and performance of AD systems, as well as supporting related technologies such as Azure AD, Group Policy, DNS, and DHCP. You will also be a key player in the development and execution of our identity management strategies.
What you'll do:
- Manage and maintain AD infrastructure, including domain controllers, replication, DNS, and DHCP.
- Implement and enforce Group Policies to ensure consistent and secure configurations across the enterprise.
- Monitor AD performance, troubleshoot issues, and optimize system configurations for maximum efficiency.
- Perform regular audits of AD to ensure compliance with security policies and standards.
- Assist in the development and implement Active Directory strategies, including domain consolidation, upgrades, and migrations.
- Ensure that AD infrastructure meets regulatory and compliance requirements, such as GDPR, HIPAA, and SOX.
- Lead or participate in IT projects that involve Active Directory, including cloud integration, mergers & acquisitions, and infrastructure upgrades and provide mentorship and guidance to junior engineers and IT staff.
- Work on call to address critical issues., * All offers of employment are contingent on standard background checks. Fiserv and certain of its affiliated companies are federal, state, and/or local government contractors. Should this position support a Federal Government contract, now or in the future, the successful candidate will be subject to a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. Positions that support state and/or local contracts also may require additional background checks to determine eligibility and suitability.
- This role is fully on-site with flexibility as needed.
- There may be up to 15% of travel each year.
This role is not eligible to be performed in Colorado, California, District of Columbia, Hawaii, Illinois, Massachusetts, Maryland, Minnesota, New Jersey, New York, Nevada, Rhode Island or Washington.
It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.
Please note that salary ranges provided for this role on external job boards are salary estimates made by outside parties and may not be accurate.
Requirements
- 10+ years of experience engineering in a Windows server environment.
- 10+ years of experience in managing and supporting Active Directory environments.
- 5+ years of experience with PowerShell scripting and automation of AD tasks.
- 3+ years of experience with Azure AD, ADFS, and other identity federation technologies.
- Bachelor's degree in a related field or an equivalent combination of education, military, and work experience.
Experience that would be great to have:
- Strong understanding of network protocols, authentication methods, and security practice.
- Expertise in Active Directory, Group Policy, DNS, DHCP, and related technologies.
- Certifications such as Microsoft Certified: Identity and Access Administrator Associate, Microsoft Certified Solutions Expert (MCSE), or similar.
- Experience with hybrid cloud environments and integrating on-premises AD with cloud services.
- Familiarity with Identity and Access Management (IAM) frameworks and solutions.
Benefits & conditions
- This is a full-time, direct-hire position, and no contract options for unsolicited agency submissions will be considered.
- This role may require being on call during non-standard and/or overnight hours.
- This role requires use of a computer and audio equipment.
