Senior Directory Infrastructure Engineer

Summary

Join our team as a Senior Directory Infrastructure Engineer and play a key role in managing and enhancing our client's enterprise identity infrastructure. You will design, implement, and maintain directory services, ensuring the smooth operation of Active Directory, Entra ID, and OKTA Universal Directory environments. Responsibilities include managing the complete lifecycle of AD domains, leading migration projects, developing automation scripts, and implementing security best practices. This is a remote position located in Washington, DC, with a duration of 12+ months. The ideal candidate will have extensive experience with enterprise directory services and a strong understanding of modern identity approaches. You will be responsible for ensuring high availability and security of our directory services infrastructure.

Requirements

• Experience with enterprise directory services (Active Directory, Entra ID, OKTA Universal Directory, LDAP)
• Experience with AD domain lifecycle management including domain creation, upgrades, and decommissioning
• Advanced PowerShell scripting skills with demonstrable experience automating directory management tasks
• Proven experience with Microsoft GraphAPI and REST API integration for directory management
• Strong understanding of identity security best practices and compliance requirements
• Experience with directory synchronization technologies (Azure AD Connect, OKTA integration agents, etc.)
• Experience with multi-forest and hybrid identity environments
• Ability to design and implement complex directory architecture solutions
• Bachelor’s degree

Responsibilities

• Design, implement, and maintain enterprise directory services infrastructure
• Manage the complete lifecycle of AD domains including planning, deployment, maintenance, upgrades, and decommissioning
• Lead domain consolidation, migration, and forest restructuring projects
• Develop domain health monitoring and proactive maintenance procedures
• Create and execute disaster recovery plans for directory services
• Develop and maintain automation scripts using PowerShell for directory management tasks
• Interface with directory services using GraphAPI and REST API for custom integrations
• Implement and maintain security best practices for directory services
• Design and manage trust relationships between domains and forests
• Create and maintain documentation for directory architecture and operational procedures
• Provide escalation support for critical directory service incidents

Preferred Qualifications

• Relevant certifications (Microsoft 365 Certified: Identity and Access Administrator, OKTA Professional, etc.)
• Experience with Terraform, Ansible, or similar IaC tools for directory infrastructure
• Knowledge of SAML, OAuth, OIDC, and other modern authentication protocols
• Experience with Group Policy design and management
• Expertise in domain controller sizing, placement, and performance optimization
• Experience with domain functional level upgrades and cross-domain migrations
• Familiarity with CI/CD pipelines for infrastructure automation
• Experience with implementing Zero Trust architecture