Active Directory Architect

Active Directory Architect - 4months + - Mainly Remote - Start ASAP

For our international client, we are looking for an experienced Active Directory (AD) Architect. Your main task is to Lead the remediation and hardening of Active Directory and endpoint administrative access on T1 and T2 level. Your role will be to design and implement least-privilege controls for global Admin access, integrate governance with Okta automation, and eliminate unnecessary local administrator access on employee devices.

Tasks:
* Support client with Privileged Access Remediation (Active Directory)
* Support client with Inventory and validate all 450 active administrative accounts
* Ensure alignment with Investigate and validate AD OU structure permission
* Redesign global Permissions in house called: "SiteAdmins" with least-privilege
* Create/rework OU creation scripts

Requirements:
* Long term project experience as an Active Directory Architect
* Strong experience in IAM/Directory Services/Security Engineering focused on AD and endpoint management
* Hands on experience with Active Directory (OUs, delegation, GPOs)
* Experience with PAM/JIT solutions (CyberArk) and tiered admin models
* Project experience with Scripting and automation (PowerShell)
* Project experience with least-privilege, SoD, auditing, and compliance frameworks (ISO 27001, NIST 800-53/CIS)

Project details:
* Start: ASAP
* Duration: 4 months (+ option to extend)
* Workload: 5 days per week
* Location: 100% Remote
* Languages: Fluency in English

Telephone interview slots with our client can be arranged at short notice with a decision immediately thereafter.