Senior Active Directory Engineer

Senior Active Directory Engineer 6 Month contract initially Based: Hybrid, 4 days p/w onsite in London Rate - £450 - £550 p/d via Umbrella

We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Senior Active Directory Engineer on a long term program of work.

Key Responsibilities: Review existing AD tiering policies and progress completed to date in collaboration with customer's stakeholders

• Finalise inventory and scope of remaining tiering-related activities
• Validate business and application ownership and confirm alignment with the AD tiering model
• Assess cross-tier system dependencies and associated risks
• Review and remediate service accounts and scheduled tasks
• Finalise technical configurations, deployment activities, risks, and mitigation plans
• Implement changes to server objects, Active Directory groups, and user configurations
• Validate functionality and access post-change"

Key Skills & Experience: Deep hands on experience with Microsoft Active Directory

• Strong understanding of AD architecture, including forests, domains, trusts, sites, and replication
• Practical experience managing large, complex, enterprise AD environments
• Ability to operate confidently at both design and implementation levels

Active Directory architecture and design expertise

• Experience reviewing and defining AD target state architectures
• Clear understanding of how AD design decisions impact security, operations, and scalability
• Strong knowledge of identity, authentication, and authorization flows

AD Tiering and security model expertise

• Proven understanding of AD Tiering concepts (Tier 0, Tier 1, Tier 2)

• Ability to assess environments for tiering misalignment and security risk

• Experience designing and implementing tier aware access models, including: o Privileged access segregation o Admin role separation o Secure administrative workstations (SAWs) or equivalent concepts Organisational Unit (OU) structure design and analysis

• Experience designing, rationalising, and refactoring OU structures

• Strong understanding of OU based: o Delegation models o Group Policy inheritance o Administrative boundaries

• Ability to assess the operational and security impact of OU changes

Roles, delegation, and administrative model understanding

• Strong knowledge of AD roles, permissions, and delegated administration
• Ability to analyse existing role assignments, identify excessive privilege, and recommend remediation
• Experience assessing and mitigating risks associated with: o Domain Admin usage o Delegated OU permissions o Service accounts and scheduled tasks

Gap analysis & assessment capability

• Ability to conduct structured gap analysis between:
• Current state environment
• Target state architecture and security standards
• Comfortable reviewing and analysing: Existing configurations, Operational practices &Security controls and exceptions
• Capable of producing clear findings, risks, and recommendations

Desirable skills/knowledge/experience:

• Translate technical findings into clear recommendations for both technical and non-technical stakeholders
• Exposure to identity governance tools or controlled AD administration solutions (eg Active Roles, PAM/PIM tools)
• Understand the business and application impact of AD changes
• Work collaboratively with security, infrastructure, and application teams
• Produce implementation-ready designs, runbooks, and remediation plans
• Strong Communication skills to articulate and understand customer requirements
• Understanding of Azure Entra for the On-prem to Cloud AD object synchronisation
• Hands on experience working with Collaborative tools Like Jira, Kanban, Azure Dev for updating the tasks
• Knowledge of ITSM process and tool BMC Remedy for logging and updating changes

This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible.

LA International is an award-winning partner of choice for many of the world's most influential companies and government organisations. Holding Enhanced Government Security Accreditation, we are recognised as the European market leader in the delivery of Security Cleared talent to organisations that demand the very highest levels of security, compliance and assurance.

A multiple award-winning organisation, having secured the prestigious Queens Award for Enterprise: International Trade over consecutive years. We are committed to fostering an inclusive, equitable and accessible workplace where everyone feels valued and supported. We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience.

Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.

Deep hands on experience with Microsoft Active Directory

• Strong understanding of AD architecture, including forests, domains, trusts, sites, and replication
• Practical experience managing large, complex, enterprise AD environments
• Ability to operate confidently at both design and implementation levels

Active Directory architecture and design expertise

• Experience reviewing and defining AD target state architectures
• Clear understanding of how AD design decisions impact security, operations, and scalability
• Strong knowledge of identity, authentication, and authorization flows

AD Tiering and security model expertise

• Proven understanding of AD Tiering concepts (Tier 0, Tier 1, Tier 2)

• Ability to assess environments for tiering misalignment and security risk

• Experience designing and implementing tier aware access models, including: o Privileged access segregation o Admin role separation o Secure administrative workstations (SAWs) or equivalent concepts Organisational Unit (OU) structure design and analysis

• Experience designing, rationalising, and refactoring OU structures

• Strong understanding of OU based: o Delegation models o Group Policy inheritance o Administrative boundaries

• Ability to assess the operational and security impact of OU changes

Roles, delegation, and administrative model understanding

• Strong knowledge of AD roles, permissions, and delegated administration
• Ability to analyse existing role assignments, identify excessive privilege, and recommend remediation
• Experience assessing and mitigating risks associated with: o Domain Admin usage o Delegated OU permissions o Service accounts and scheduled tasks

Gap analysis & assessment capability

• Ability to conduct structured gap analysis between:
• Current state environment
• Target state architecture and security standards
• Comfortable reviewing and analysing: Existing configurations, Operational practices &Security controls and exceptions
• Capable of producing clear findings, risks, and recommendations

Desirable skills/knowledge/experience:

• Translate technical findings into clear recommendations for both technical and non-technical stakeholders
• Exposure to identity governance tools or controlled AD administration solutions (eg Active Roles, PAM/PIM tools)
• Understand the business and application impact of AD changes
• Work collaboratively with security, infrastructure, and application teams
• Produce implementation-ready designs, runbooks, and remediation plans
• Strong Communication skills to articulate and understand customer requirements
• Understanding of Azure Entra for the On-prem to Cloud AD object synchronisation
• Hands on experience working with Collaborative tools Like Jira, Kanban, Azure Dev for updating the tasks
• Knowledge of ITSM process and tool BMC Remedy for logging and updating changes

LA International is an award-winning partner of choice for many of the world's most influential companies and government organisations. Holding Enhanced Government Security Accreditation, we are recognised as the European market leader in the delivery of Security Cleared talent to organisations that demand the very highest levels of security, compliance and assurance.