-
Administer and maintain on-premises Active Directory (AD DS) and Microsoft Entra ID (Azure AD) in a hybrid identity environment, including domain controllers, AD Sites & Services, domain/forest trusts, replication and directory synchronization.
-
Create, manage, and troubleshoot Group Policies to enforce consistent configuration and security settings across the enterprise.
-
Monitor directory health (AD replication, AD-integrated DNS, domain controller performance, Azure AD sync) and proactively resolve issues to ensure reliable authentication and access services.
-
Apply Active Directory security best practices (tiered admin model, least privilege, hardened domain controllers) to safeguard identity infrastructure and data.
-
Maintain and test Active Directory backup and recovery processes (authoritative/non-authoritative restore procedures), participating in disaster recovery exercises to ensure directory service resilience.
-
Automate and streamline identity administration tasks using PowerShell scripting for bulk operations, health checks, and reporting.
-
Manage identity-related incidents and service requests as 2nd-level support, troubleshooting complex AD, DNS, GPO, or Entra ID issues to minimize impact on users.
-
Implement changes to directory and identity services in adherence to ITIL-based change management processes, providing clear plans, risk assessments, and post-change validation.
-
Support user identity lifecycle and access management processes (account provisioning, permissions management) and contribute to cross-system authentication and authorization solutions (e.g., single sign-on integrations).
-
Update and maintain technical documentation, runbooks, and Standard Operating Procedures (SOPs) for Active Directory and Entra ID services.
-
Other specific duties as assigned by the team leader.