What are the responsibilities and job description for the Principal Active Directory and Azure AD IAM Engineer position at MDA Edge?
Job Overview:
- Serve as a subject matter expert for Directory Services (AD / AAD) under the IAM services portfolio
- Perform in the capacity of AD / AAD Engineer
- Understand how the service works from a business/end-user/technical perspective.
- Have command of the service, including its capabilities and proper use
- Execute proof-of-concepts guided by the Service Manager and Director
- Complete assigned projects/tasks in a timely manner
- Interact with key stakeholders and project/program teams to understand their requirements and architect solutions based on best practices
- Ensure proper oversight for quality assurance of IAM artifacts
- Architect, own, and maintain processes, metrics, and procedures
- Enforce adherence to architectural standards/principles
- Proactively provide feedback regarding infrastructure IAM engineering methodologies, standards, and leading projects
- Minimize technical exposure and risk on projects
- Delivers and manages a highly available, stable, and secure Directory Services environment
- Drive value realization for the services and technology within the cybersecurity controls organization
- Participates in the testing (e.g., planning and execution) related to performance, disaster recovery, and business continuity for AD and AAD
- Work with Solution Architect and onboard new technologies which can enhance the security of Active Directory and Azure Active Directory.
- Design & implement new solutions like Windows Hello for Business, MFA, Conditional Access, TAP, Entra Lifecycle management, Secure Service Edge, Authentication strengths and Application management.
- Understanding of Design & Implementation of Microsoft Defender for Identity (MDI) on all the Domain Controllers. Integrating it with Syslog server and generating the security events
- Understanding of design and implemented Conditional Access policy which enhances the security of Identity, device & Cloud applications as part of the Zero trust methodology.
- Understanding of design and Implemented Quest-On Demand Recovery, RMAD, and Forest recovery for end-to-end disaster recovery of Active Directory and Azure AD.
- Design and Implement Azure AD B2B.
- Design and Implemented Multifactor solutions
- Understanding of ADFS
- Managing day-to-day Changes, Escalations, and Incidents related to the internal AD & AAD infrastructure.
- Configuring and Managing Active Directory infrastructure on Windows Server.
- Good knowledge on PowerShell for Active directory/Azure AD.
- Administration of the complete ADUC structure and make changes to the design
- Active Directory Objects via Active Directory Users and Computers. Components Restriction, Folder Redirections, Software Deployment. Administrative Templates, Windows Settings, Group Policies.
- Working on Azure AD and Azure AD Connect.
- Collaborate with global team members based in the US, India, and EMEA.
- 4-7 years of hands-on engineering expertise in Active Directory (AD) and Azure AD (AAD), including design, implementation, and disaster recovery.
- Proven experience architecting IAM solutions: Conditional Access, MFA, Zero Trust methodologies, and Defender for Identity (MDI).
- Advanced PowerShell scripting for AD/AAD automation and administration.
- Deep knowledge of hybrid identity systems: Azure AD Connect, ADFS, and Entra Lifecycle Management.
- Experience securing AD/AAD: Windows Hello for Business, Secure Service Edge, B2B collaboration, and Group Policy Management.
- Disaster recovery expertise: Quest tools (On Demand Recovery, RMAD), forest/domain recovery processes.
- Microsoft certifications: Azure AD/IAM (e.g., SC-300, AZ-800/801) or equivalent practical experience.
- Global collaboration: Experience working with distributed teams (US, EMEA, India).
Salary : $50
