Infrastructure Architect

Intone Networks
New York, United States of America
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

New York, United States of America

Tech stack

Microsoft Windows
Microsoft Active Directory
Systems Engineering
Authentication Protocols
Azure
Software as a Service
Computer Security
Dynamic Host Configuration Protocol
Linux
DNS
Kerberos (Protocol)
Windows Server
NT LAN Manager
Powershell
Systems Integration
Software Vulnerability Management
Cyberark
Information Technology
Windows Security
Windows Services

Requirements

About the job Windows / Active Directory Infrastructure Architect Location: New York, NY We are seeking an experienced Windows / Active Directory Infrastructure architect to support and modernize a large-scale, mission-critical Microsoft infrastructure environment. This role is part of a managed systems engineering team responsible for maintaining highly available compute infrastructure that supports global business operations 24/7. The ideal candidate will have deep hands-on experience with Active Directory architecture, security, administration, automation, and infrastructure hardening in a large enterprise environment. This position will play a key role in strengthening identity services, improving reliability, enhancing security posture, and supporting the continued evolution of Windows services across a complex distributed environment. Key Responsibilities: * Design, administer, secure, and support large-scale Active Directory environments, including forests, domains, trusts, replication strategies, and privileged access models. * Manage and enhance core Microsoft infrastructure services including Active Directory, Group Policy, DNS, DHCP, and Windows Server platforms. * Support modernization efforts for enterprise identity and authentication services across development and production environments. * Implement and maintain Active Directory security controls, hardening initiatives, and vulnerability remediation efforts. * Deploy and manage Windows Local Administrator Password Solution and other privileged access security tools. * Support MFA implementation for critical systems and privileged access workflows. * Deploy and manage Windows security features such as Credential Guard and other credential theft mitigation technologies. * Assess Active Directory environments for security risks, misconfigurations, and privilege escalation paths. * Apply least-privilege principles, administrative tiering models, privileged access management practices, and secure workstation strategies. * Automate administrative tasks, reporting, and operational processes using PowerShe * ll.Partner with security, compliance, and infrastructure teams to support auditing, governance, and regulatory requirements. * Create and maintain clear technical documentation, operational procedures, and infrastructure standards. Required Qualifications: * 7+ years of experience architecting, administering, and securing Active Directory in large enterprise environments. * Strong expertise in Active Directory, Group Policy, DNS, DHCP, and Windows Server administration. * Experience in CyberArk PAM * Hands-on experience implementing Active Directory security controls and hardening initiatives. * Experience deploying and managing Windows Local Administrator Password Solution. * Experience implementing and supporting MFA for key systems. * Experience with Windows security technologies such as Credential Guard and other credential theft mitigation solutions. * Strong understanding of identity lifecycle management, authentication protocols including Kerberos and NTLM, and access control models. * Proven experience designing and implementing AD forests, domains, trusts, replication, and privileged access models. * Knowledge of Active Directory tiering, privileged access management, administrative workstation strategies, and least-privilege practices. * Experience identifying and remediating Active Directory vulnerabilities and misconfigurations. * Strong PowerShell scripting and automation skills. * Experience working in regulated environments with a focus on compliance, auditing, and security governance. * Bachelor's degree in Computer Science, Engineering, Mathematics, a related field, or equivalent professional experience. Preferred Qualifications: * Familiarity with Active Directory security assessment tools, attack path analysis, and privilege escalation remediation. * Experience integrating Active Directory with Linux systems, SaaS applications, or other enterprise platforms. * Strong understanding of EDR, endpoint security, and security monitoring solutions within Windows environments. * Strong documentation, communication, and cross-functional collaboration skills. * Proactive problem-solving mindset with a focus on continuous improvement. * Microsoft certifications such as Identity and Access Administrator Associate, Security Operations Analyst Associate, Azure Solutions Architect, or similar credentials.

Apply for this position