System Administrator 2-IT (Exchange)

We are looking for a highly skilled Active Directory & Entra ID Engineer to join our infrastructure and identity services team. The ideal candidate will have deep expertise in designing, managing, and securing identity platforms across on-premises Active Directory and Microsoft Entra ID. This role involves working on AD modernization initiatives, directory migrations, DNS / DHCP infrastructure improvements, security hardening, and enterprise identity governance.

Active Directory & Identity Management

Manage, maintain, and optimize Active Directory Domain Services (AD DS) across multiple domains and sites.

Lead Domain Controller upgrades, AD migrations, and consolidation projects .

Oversee Group Policy design, cleanup, consolidation, and optimization .

Implement and maintain organizational units, group structures, permissions, and delegation models .

Handle identity governance, access control, and lifecycle management activities.

Microsoft Entra ID (Azure AD)

Manage and administer Entra ID tenants , including Conditional Access, identity protection, SSO configurations, and MFA policies.

Integrate on-premises AD with Entra ID using AAD Connect , cloud sync, and federation where required.

Support and optimize hybrid identity setups and trust relationships.

Core Infrastructure Services

Configure, manage, and troubleshoot DNS, DHCP, ADFS, NPS, and Certificate Authority (AD CS) environments.

Lead DHCP / DNS server upgrade or migration projects and ensure smooth cutovers.

Implement DNS and DHCP best practices, including scavenging, lease management, and high availability.

Maintain and support public key infrastructure (PKI) components and certificate lifecycle management.

Security & Compliance

Enhance AD and Entra ID security posture through policy hardening, privileged access reduction, and security best practices .

Implement and manage Role-Based Access Control (RBAC) and Privileged Identity Management (PIM) .

Conduct regular audits, permission reviews, and compliance checks.

Collaborate with the security team to address vulnerabilities and identity-related risks.

Operations & Troubleshooting

Provide Tier-3 support for identity, authentication, GPO, DNS / DHCP, and AD-related escalations.

Monitor performance, replication, and health of AD and Entra ID environments.

Prepare and maintain detailed documentation, SOPs, and architectural diagrams.

Participate in on-call rotations and support critical production incidents.

Career Level - IC2