Senior Active Directory Engineer

Job Title: Senior Active Directory and Infrastructure Engineer

Location: Paris

Hybrid: 1/2 days on site

Start date: 1st September 2024

About the Role:

We are seeking a highly skilled Senior Active Directory and Infrastructure Engineer to join our customer's dynamic team. The ideal candidate will have extensive experience in managing and maintaining a large-scale Active Directory environment, including security management, infrastructure upgrades, and scripting for automation. This role involves working on a diverse set of projects ranging from disaster recovery planning to migration of domain controllers, and managing various infrastructure services like PKI, ADFS, AADC, and NPS.

Key Responsibilities:

1. Active Directory Management:

   • Lead projects involving Active Directory reorganisation and Disaster Recovery planning.
   • Perform PowerShell scripting for audit and analysis.
   • Coordinate with the team to implement directory delegations and manage security protocols.
   • Manage Group Policy Objects (GPOs), sites, services, and trust relationships within Active Directory.
   • Oversee the migration of Domain Controllers to newer versions.
   • Decommission outdated servers, particularly those running Windows Server 2012 and earlier.
   • Regularly clean up and optimise Active Directory components, including servers, GPOs, and Organisational Units.

2. Infrastructure Management:

   • Manage PKI infrastructure, including server maintenance and certificate lifecycle (issuance, revocation).
   • Plan and execute the migration of PKI infrastructure to newer platforms.
   • Oversee ADFS infrastructure, managing connectors and supporting applications, particularly in the context of SSO project requests.
   • Maintain and upgrade Azure AD Connect (AADC) infrastructure, implement app registrations in Azure Active Directory (AAD), and enforce Multi-Factor Authentication (MFA).

3. Automation and Scripting:

   • Develop and implement PowerShell scripts for automation, monitoring, and alerting across various services.
   • Automate routine tasks to improve efficiency and accuracy.

4. Security and Compliance:

   • Implement security recommendations and best practices as advised by internal and external security teams.
   • Manage and update AD schemas and Local Administrator Password Solution (LAPS) implementations.

5. Incident and Request Management:

   • Handle incident and service request management, ensuring prompt and efficient resolution of issues.
   • Collaborate with Microsoft support for incident ticket management and escalation.

6. Documentation and Collaboration:

   • Document operational procedures and guidelines, particularly for PowerShell usage.
   • Collaborate closely with cross-functional teams, ensuring comprehensive infrastructure support.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Proven experience in managing large-scale Active Directory environments.
• Proficiency in PowerShell scripting for automation and system management.
• Strong understanding of security principles and best practices in an enterprise environment.
• Experience with PKI, ADFS, AADC, NPS, and other related infrastructure technologies.
• Familiarity with Windows Server environments (2008 R2, 2012 R2, 2016) and vitalisation technologies (Hyper-V, VMware).
• Excellent communication skills, with the ability to work collaboratively in a team-oriented environment.
• Strong problem-solving skills and the ability to manage multiple projects simultaneously.

Preferred Qualifications:

• Experience with international environments and multi-domain infrastructures.
• Relevant certifications (e.g., Microsoft Certified: Identity and Access Administrator Associate, Azure Administrator, etc.).