Description
Hello Everyone,
We at CosMicIT are urgently looking for AD Architect
Locations: Croatia/Bulgaria
Experience: 12-15 Years
Job Type- Remote
Position Summary
The Directory Architect provides support, implementation, and design services for Directory across the enterprise. The position appropriately resolves assigned support issues and change requests as well as acts as an escalation point for support issues. Through research and collaboration with the team, the position is responsible for implementing new solutions and initiatives required by the environment and the business. This role requires in-depth knowledge of Active Directory, Entra ID, Windows Server, Windows security, DNS, Azure AD; and related technologies
Travel Requirements
Less than 15%
Position Requirements
Education Required
Bachelor's degree in computer science, information technology, or computer related discipline or 12+ years equivalent combination of education and overall experience with Microsoft Active Directory, Entra ID, at an enterprise level.
Experience Required
12-15 years of experience in:
Access Control Policies:
Define access control policies and mechanisms to enforce the least privileged access principles and ensure data confidentiality, integrity, and availability.
Integration and Interoperability: Integrate IAM solutions with existing systems, applications, and directories while ensuring interoperability and seamless user experience.
Compliance: Ensure IAM solutions comply with relevant security standards, regulations, and compliance requirements such as GDPR, HIPAA, PCI-DSS, etc.
Identity Federation: Implement identity federation and single sign-on (SSO) solutions to enable seamless access to multiple applications and services.
Authentication and Authorization Mechanisms: Design authentication and authorization mechanisms, including multi-factor authentication (MFA), role-based access control (RBAC) and PIM
Risk Management: Assess risks related to identity and access management and implement mitigating controls to address identified risks effectively.
Identity Governance:
Establish identity governance frameworks and processes to ensure proper oversight of identities, access rights, and compliance.
IAM Platform Evaluation: Research, evaluate, and recommend IAM products, technologies, and solutions that align with organizational needs and objectives.
Documentation and Training: Create documentation, guidelines, and training materials for IAM processes, procedures, and best practices.
Define and develop a long-term IAM strategy and roadmap, aligning IAM goals with business objectives and the overall security strategy.
Provide expert-level guidance in IAM-related security incidents, helping to troubleshoot and resolve critical IAM issues when required.
Managing and supporting large, multi-domain, multi-forest Active Directory environments.
Extensive knowledge in GPO’s, ADFS, DNS, DHCP, DFS and other related Microsoft technologies.
Extensive knowledge in Entra ID and cloud operations, including SAML federation, Conditional Access, PIM and etc.
Deep and thorough understanding of monitoring Active Directory.
Preferred Experience
Experience with Entra ID and Microsoft Office 365.
Experience in a global, multi-cultural organization.
Previous experience with large and small domain migrations.
Ability to work well with people from difference cultures and disciplines with varying degrees of technical experience.
Ability to express technical concepts effectively, both verbally and in writing.
Strong collaboration, communication, and presentation skills.
Strong organizational skills with the ability to handle numerous initiatives simultaneously, with a great attention to detail, operating with urgency, focus and discipline.
Strong documentation skills on policies, process and procedures.
Company/Industry Related Knowledge
Job-specific Competencies
· Scripting ability a must (PowerShell preferred).
· Collaborate with team to provide enterprise-level architectural direction and subject matter expertise for Active Directory, Entra ID, Entra ID connect, ADFS
· Implement upgrades, new tools or utilities, subject matter expertise for integration requests, etc.
· Participate in migration processes for mergers, acquisitions, or divestitures.
· Assist in developing workflows, scripts, or other utilities for task automation or interfacing with applications or third party products.
· Conduct proof of concept evaluations.
· Gather business requirements, perform in-depth analysis and provide recommendations on products or services.
· Provide 24x7 escalation support for incidents.
· Raise incidents with Microsoft, etc. and participate in appropriate incident resolution, problem management activities, and post incident reviews.
Configuring, maintaining, and troubleshooting of:
AD domains and forest
Trust relationships
AD infrastructure including user/computer/group objects, OU's, sites, replication, etc.
Security and GPO design
LDAP/ADFS
DNS and DHCP administration and troubleshooting
Domain consolidation and decommissioning
AD disaster recovery plans
DC patching and upgrades
Other projects and duties as required/assigned.
Eligible candidates, please share their resume/CV at
Any references would also be accepted.
Thanks & Regards,
CosMicIT GmbH, Germany ??
CosMicIT Informatics India Pvt Ltd. ??
CosMicIT Spolka Z Ograniczona Odpowiedzialnoscia, Poland ??
www.CosMic-IT.com | www.CosMic-IT.in
LinkedIn: https://www.linkedin.com/company/cosmic-it/
We at CosMicIT are urgently looking for AD Architect
Locations: Croatia/Bulgaria
Experience: 12-15 Years
Job Type- Remote
Position Summary
The Directory Architect provides support, implementation, and design services for Directory across the enterprise. The position appropriately resolves assigned support issues and change requests as well as acts as an escalation point for support issues. Through research and collaboration with the team, the position is responsible for implementing new solutions and initiatives required by the environment and the business. This role requires in-depth knowledge of Active Directory, Entra ID, Windows Server, Windows security, DNS, Azure AD; and related technologies
Travel Requirements
Less than 15%
Position Requirements
Education Required
Bachelor's degree in computer science, information technology, or computer related discipline or 12+ years equivalent combination of education and overall experience with Microsoft Active Directory, Entra ID, at an enterprise level.
Experience Required
12-15 years of experience in:
Access Control Policies:
Define access control policies and mechanisms to enforce the least privileged access principles and ensure data confidentiality, integrity, and availability.
Integration and Interoperability: Integrate IAM solutions with existing systems, applications, and directories while ensuring interoperability and seamless user experience.
Compliance: Ensure IAM solutions comply with relevant security standards, regulations, and compliance requirements such as GDPR, HIPAA, PCI-DSS, etc.
Identity Federation: Implement identity federation and single sign-on (SSO) solutions to enable seamless access to multiple applications and services.
Authentication and Authorization Mechanisms: Design authentication and authorization mechanisms, including multi-factor authentication (MFA), role-based access control (RBAC) and PIM
Risk Management: Assess risks related to identity and access management and implement mitigating controls to address identified risks effectively.
Identity Governance:
Establish identity governance frameworks and processes to ensure proper oversight of identities, access rights, and compliance.
IAM Platform Evaluation: Research, evaluate, and recommend IAM products, technologies, and solutions that align with organizational needs and objectives.
Documentation and Training: Create documentation, guidelines, and training materials for IAM processes, procedures, and best practices.
Define and develop a long-term IAM strategy and roadmap, aligning IAM goals with business objectives and the overall security strategy.
Provide expert-level guidance in IAM-related security incidents, helping to troubleshoot and resolve critical IAM issues when required.
Managing and supporting large, multi-domain, multi-forest Active Directory environments.
Extensive knowledge in GPO’s, ADFS, DNS, DHCP, DFS and other related Microsoft technologies.
Extensive knowledge in Entra ID and cloud operations, including SAML federation, Conditional Access, PIM and etc.
Deep and thorough understanding of monitoring Active Directory.
Preferred Experience
Experience with Entra ID and Microsoft Office 365.
Experience in a global, multi-cultural organization.
Previous experience with large and small domain migrations.
Ability to work well with people from difference cultures and disciplines with varying degrees of technical experience.
Ability to express technical concepts effectively, both verbally and in writing.
Strong collaboration, communication, and presentation skills.
Strong organizational skills with the ability to handle numerous initiatives simultaneously, with a great attention to detail, operating with urgency, focus and discipline.
Strong documentation skills on policies, process and procedures.
Company/Industry Related Knowledge
Job-specific Competencies
· Scripting ability a must (PowerShell preferred).
· Collaborate with team to provide enterprise-level architectural direction and subject matter expertise for Active Directory, Entra ID, Entra ID connect, ADFS
· Implement upgrades, new tools or utilities, subject matter expertise for integration requests, etc.
· Participate in migration processes for mergers, acquisitions, or divestitures.
· Assist in developing workflows, scripts, or other utilities for task automation or interfacing with applications or third party products.
· Conduct proof of concept evaluations.
· Gather business requirements, perform in-depth analysis and provide recommendations on products or services.
· Provide 24x7 escalation support for incidents.
· Raise incidents with Microsoft, etc. and participate in appropriate incident resolution, problem management activities, and post incident reviews.
Configuring, maintaining, and troubleshooting of:
AD domains and forest
Trust relationships
AD infrastructure including user/computer/group objects, OU's, sites, replication, etc.
Security and GPO design
LDAP/ADFS
DNS and DHCP administration and troubleshooting
Domain consolidation and decommissioning
AD disaster recovery plans
DC patching and upgrades
Other projects and duties as required/assigned.
Eligible candidates, please share their resume/CV at
Any references would also be accepted.
Thanks & Regards,
CosMicIT GmbH, Germany ??
CosMicIT Informatics India Pvt Ltd. ??
CosMicIT Spolka Z Ograniczona Odpowiedzialnoscia, Poland ??
www.CosMic-IT.com | www.CosMic-IT.in
LinkedIn: https://www.linkedin.com/company/cosmic-it/