Active Directory L3 Architect

2T Consulting

Salisbury, NC

Posted On: Jan 06, 2026

Posted On: Jan 06, 2026

Job Overview

Job Type

Full-time

Experience

12 - 18 Years

Salary

Depends on Experience

Work Arrangement

On-Site

Travel Requirement

0%

Required Skills

  • AD/AAD
  • Azure
  • PowerShell
  • Microsoft Graph API
  • troubleshooting
Job Description

In this role, the Architect is responsible for designing, implementing, and managing on-premises Active Directory and Azure Active Directory (AAD) environments. This position requires deep expertise in identity and access management, advanced troubleshooting, and architectural design for hybrid environments.

Key Responsibilities

Architecture & Design

  • Define and manage technical standards for Active Directory and Azure AD.
  • Design and implement secure, scalable identity solutions for hybrid environments.
  • Develop IAM policies, standards, and procedures aligned with compliance requirements.

Operations & Support

  • Handle Level 3 (L3) activities: critical incident resolution, change management, and complex troubleshooting.
  • Maintain and optimize AD infrastructure (DNS, GPOs, replication, FSMO roles).
  • Monitor Azure AD Connect Health portal for sync alerts and performance analytics.

Integration & Automation

  • Configure and troubleshoot Azure AD Connect, synchronization policies, and staging servers.
  • Implement SSO integrations using OAuth, OIDC, and SAML.
  • Develop advanced PowerShell scripts and Graph API integrations for automation.

Security & Compliance

  • Implement MFA, Conditional Access, and Privileged Identity Management (PIM).
  • Ensure compliance through periodic audits and reporting.
  • Manage disaster recovery planning for AADC and ADFS environments.

Collaboration & Governance

  • Act as a trusted advisor for stakeholders and lead technical governance meetings.
  • Provide knowledge transfer and mentoring to junior engineers.
  • Participate in service reviews and strategic planning for IAM services.

 

Required Technical Skills
  • Active Directory (On-Prem)
  • AD replication troubleshooting, schema updates, GPO management.
  • DNS/DHCP provisioning and trust relationships.
  • Azure AD
  • Enterprise app registration, SSO configuration, certificate updates.
  • Conditional Access, MFA, and identity lifecycle management.
  • ADFS
  • Federation setup, DR planning, certificate management.
  • Automation
  • PowerShell scripting for AD/AAD tasks.
  • Experience with Microsoft Graph API for automation.
  • Behavioral Competencies
  • Strong analytical and problem-solving skills.
  • Excellent communication and stakeholder management.
  • Ability to work in Agile environments and lead technical initiatives.
  • Strategic thinking and business acumen.

 

Experience & Certifications
  • Experience: Minimum 8-10 years in AD/AAD engineering and architecture.
  • Certifications: Microsoft Certified: Azure Administrator Associate or Azure Solutions Architect Expert preferred.
  • Domain Knowledge: Retail or enterprise IT environments is a plus.

Job ID: 2C320184

Posted By

Shayne

Sr. Recruiter