Active Directory Engineer

Job Title: Active Directory Engineer
Primary Location: Remote
Position Type: Direct Hire

Overview

Join a world-class academic healthcare system as an Active Directory Engineer Specialist within the Information Security department. This is primarily a remote opportunity with occasional on-site requirements.

As part of the Security Engineering Team, you'll play a key role in Active Directory modernization, hybrid cloud identity integration, domain consolidation, and enterprise-grade SSO solutions. You will also help administer, design, and troubleshoot complex systems while ensuring security, scalability, and system reliability across the enterprise.

What You'll Do

• Architect, implement, and support hybrid identity infrastructure integrating on-prem AD with Azure AD/Entra ID, Okta, AWS IAM, and related services.

• Lead domain migration and consolidation projects across complex, multi-domain environments.

• Manage and optimize LDAP directories and synchronization tools between internal and external systems.

• Design and maintain secure, scalable SSO configurations using SAML, OAuth, OIDC, and federation technologies.

• Develop and enforce Group Policy Objects (GPOs), domain trusts, and domain controller health.

• Support Disaster Recovery and High Availability planning, testing, and documentation.

• Evaluate and implement system enhancements to improve reliability and performance.

• Mentor junior engineers and serve as a technical SME for Active Directory and hybrid identity security.

• Stay current with directory, cloud, and identity technology trends to drive modernization initiatives.

• What You Bring to the Role

  • Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience).

  • Proven experience in Active Directory domain consolidation and multi-forest/multi-domain environments.

  • Hands-on experience with Entra ID/Azure AD and hybrid directory configurations.

  • Expertise in PowerShell scripting for automation, reporting, and configuration management.

  • Familiarity with identity federation technologies such as ADFS, SAML, OAuth, and OIDC.

  • Strong understanding of Active Directory security best practices, including tiered administration.

  • Experience with Identity Governance and Privileged Access Management (PAM) solutions.

  • Independent problem-solving ability and strong attention to detail.

  • Excellent communication, organizational, and project management skills.

  • Ability to work both collaboratively and independently in a dynamic, security-focused environment.