Azure Active Directory Engineer : Chicago IL (only locals required)

Position: Active Directory Engineer

Location: Chicago IL, 2-3 days in office

Duration: 6 months with possible ext

Only locals required No relocation

Visa: no show the DL copy on video at the time of submission

Job Description:

This role requires deep technical expertise in Group Policy Object (GPO) consolidation, Active Directory Access Control List (ACL) cleanup, and Organizational Unit (OU) redesign for computer accounts.

In addition to AD-specific responsibilities, this engineer will participate in the team's daily operational support of Windows and RHEL servers and associated software, including SolarWinds monitoring, Ansible Automation Platform, and Rubrik. The ideal candidate will have hands-on experience working in complex enterprise environments and a proven track record of successfully streamlining and securing Active Directory structures while supporting core IT infrastructure services.

Key Responsibilities:

• Active Directory Optimization & Security:Analyze and consolidate Group Policy Objects (GPOs) to streamline management and improve security.
• Audit and remediate AD Access Control Lists (ACLs), ensuring compliance with least privilege principles.
• Design and implement an optimized Organizational Unit (OU) structure for computer accounts.

Required Qualifications:

• 7 years of hands-on experience with Active Directory administration and engineering in enterprise environments.
• Expert knowledge of GPO management, including troubleshooting, migration, and consolidation strategies.
• Strong experience with Active Directory security principles, including ACL audits and RBAC implementation.
• Hands-on experience designing and implementing efficient OU structures for large organizations.
• Proficiency with Windows Server (2016/2019/2022) and RHEL server administration.
• Experience supporting SolarWinds monitoring, Ansible Automation Platform, and Rubrik backup solutions.
• Strong understanding of IT security best practices, compliance frameworks (NIST, CIS, etc.), and audit requirements related to Active Directory.
• Excellent problem-solving skills and ability to work independently with minimal supervision.
• Effective communication and documentation skills to collaborate with stakeholders and IT teams.

Preferred Qualifications:

• Experience with Azure Active Directory (Entra ID) and hybrid identity management.
• Knowledge of Privileged Access Management (PAM) solutions and AD tiering models.
• Familiarity with Microsoft Defender for Identity and security monitoring tools.
• Previous experience in a consulting role or executing large-scale AD transformation projects.