Expert Active Directory Engineer

Title: Expert Active Directory Engineer

Location: 433 W Van Buren St, Chicago, IL 60607

Duration: 4 Months Contract

Skills:

1. Active Directory
2. Group Policy Object (GPO) consolidation
3. Active Directory Access Control List (ACL) cleanup
4. Organizational Unit (OU)
5. Windows
6. RHEL servers
7. SolarWinds monitoring,
8. Ansible Automation Platform
9. Rubrik
10. Privileged Access Management (PAM)
11. compliance frameworks (NIST, CIS)

Job Description:

We are seeking an Expert Active Directory Engineer for a short-term (~4 months) contract engagement to support a critical initiative focused on optimizing and securing our Active Directory (AD) environment.

This role requires deep technical expertise in Group Policy Object (GPO) consolidation, Active Directory Access Control List (ACL) cleanup, and Organizational Unit (OU) redesign for computer accounts.

In addition to AD-specific responsibilities, this engineer will participate in the team's daily operational support of Windows and RHEL servers and associated software, including SolarWinds monitoring, Ansible Automation Platform, and Rubrik.

The ideal candidate will have hands-on experience working in complex enterprise environments and a proven track record of successfully streamlining and securing Active Directory structures while supporting core IT infrastructure services.

Key Responsibilities:

Active Directory Optimization & Security: Analyze and consolidate Group Policy Objects (GPOs) to streamline management and improve security.

Audit and remediate AD Access Control Lists (ACLs), ensuring compliance with least privilege principles.

Design and implement an optimized Organizational Unit (OU) structure for computer accounts.

Infrastructure & Automation Support:

Provide support for Windows and RHEL servers, ensuring system stability and performance.

Monitor and troubleshoot issues within SolarWinds to maintain infrastructure visibility and respond to alerts.

Utilize Ansible Automation Platform to manage and deploy system configurations efficiently.

Assist with Rubrik backup and recovery operations, ensuring data protection best practices.

Documentation & Knowledge Transfer:

Create detailed technical documentation covering AD improvements, automation workflows, and operational procedures.

Provide knowledge transfer to internal IT teams to ensure ongoing maintainability.

Required Qualifications:

7 years of hands-on experience with Active Directory administration and engineering in enterprise environments.

Expert knowledge of GPO management, including troubleshooting, migration, and consolidation strategies.

Strong experience with Active Directory security principles, including ACL audits and RBAC implementation.

Hands-on experience designing and implementing efficient OU structures for large organizations.

Proficiency with Windows Server (2016/2019/2022) and RHEL server administration.

Experience supporting SolarWinds monitoring, Ansible Automation Platform, and Rubrik backup solutions.

Strong understanding of IT security best practices, compliance frameworks (NIST, CIS, etc.), and audit requirements related to Active Directory.

Excellent problem-solving skills and ability to work independently with minimal supervision.

Effective communication and documentation skills to collaborate with stakeholders and IT teams.

Preferred Qualifications:

Experience with Azure Active Directory (Entra ID) and hybrid identity management.

Knowledge of Privileged Access Management (PAM) solutions and AD tiering models.

Familiarity with Microsoft Defender for Identity and security monitoring tools.

Previous experience in a consulting role or executing large-scale AD transformation projects