On-Prem Active Directory (AD) / Azure Specialist (SC Cleared)

Position Overview

We are seeking an experienced and Security Check (SC) Cleared On-Prem Active Directory (AD) / Azure Specialist to design, manage, secure, and enhance our identity and access infrastructure across both on-premises and cloud environments. This role requires a strong understanding of hybrid identity, authentication, and enterprise security practices, with the ability to operate in a secure and regulated environment.

Key Responsibilities

Active Directory (On-Prem)

• Administer and maintain Active Directory Domain Services, including domain controllers, DNS, DHCP, FSMO roles, OU structure, and domain trusts.

• Develop, enforce, and troubleshoot Group Policy Objects (GPOs).

• Perform domain health checks, patching, audits, and security hardening.

• Deliver identity lifecycle management and access provisioning support.

• Support AD migrations, upgrades, and restructuring initiatives.

Azure AD / Entra ID

• Manage Azure AD (Entra ID) including Conditional Access, MFA, RBAC, identity governance, and app registrations.

• Configure and support Azure AD Connect, hybrid authentication, and synchronization technologies.

• Integrate enterprise and SaaS applications using OAuth, SAML, and OpenID Connect.

• Implement modern authentication and secure access controls.

Security, Compliance & Governance

• Maintain compliance with security and regulatory requirements associated with SC clearance.

• Strengthen identity security posture using Azure AD Identity Protection, PIM, Conditional Access, and Defender for Identity.

• Create and maintain audit logs, access reviews, and compliance evidence.

• Support Zero-Trust identity strategies.

Automation & Scripting

• Develop and maintain PowerShell scripts for automation, reporting, and operational tasks.

• Support Infrastructure-as-Code efforts where applicable.

Operational Support

• Provide L3 support for identity, authentication, and access issues.

• Collaborate with cross-functional teams including security, networking, cloud, and application teams.

• Maintain clear technical documentation and operational runbooks.

Required Qualifications & Skills

• Current and valid SC Clearance 

• 5+ years of experience administering Active Directory in a large enterprise environment.

• Strong expertise with Azure AD / Entra ID and hybrid identity solutions.

• Proficiency in PowerShell scripting for administration and automation.

• Strong understanding of DNS, DHCP, Kerberos, NTLM, PKI, and identity security.

• Experience with Azure AD Connect and authentication models (PTA, Federation, SSO).

Preferred Skills

• Experience with Microsoft Defender for Identity, PIM, and privileged access controls.

• Knowledge of Intune, Windows device management, and modern workplace ecosystems.

• Familiarity with Zero Trust principles and secure-by-design frameworks.

• Microsoft certifications such as:

  • Identity and Access Administrator (SC-300)

  • Azure Administrator Associate (AZ-104)

  • Cybersecurity Architect / Security Engineer