Solution Architect -AD & IAM

Job Title: Solution Architect Active Directory & Identity and Access Management (IAM)

Location: Remote

Full Time Opportunity

Job Description

The Solution Architect AD & IAM will be responsible for defining identity architecture, leading Active Directory and cloud identity migrations, and implementing secure, scalable IAM solutions aligned with business and compliance requirements. The role involves close collaboration with clients, delivery teams, security, and infrastructure stakeholders to ensure robust identity governance and authentication frameworks.

Key Responsibilities

• Architect, design, and govern enterprise Active Directory (AD) and IAM solutions across on premises, hybrid, and cloud environments
• Lead Active Directory modernization and migration initiatives, including forest/domain consolidation, tenant-to-tenant migrations, and legacy AD decommissioning
• Define and implement Microsoft 365 identity architectures, supporting:
• Exchange Online
• OneDrive
• SharePoint Online
• Microsoft Teams
• Design and manage Azure Entra ID (Azure AD) solutions, including:
• Hybrid identity using AAD Connect
• Directory synchronization and federation
• Conditional Access and identity protection policies
• Drive Identity Governance & Administration (IGA) frameworks:
• Joiner-Mover-Leaver (JML) processes
• Automated access provisioning and deprovisioning
• Role Based Access Control (RBAC)
• Lead Single Sign On (SSO) and application identity integrations using:
• SAML
• OAuth
• OpenID Connect
• Architect secure authentication and authorization mechanisms, including:
• Kerberos (including double hop scenarios)
• NTLM
• AES encryption and exception handling
• Establish and enforce Active Directory security and hardening standards, including:
• Group Policy Object (GPO) design and governance
• Tiered administration models
• Privileged Access Management (PAM)
• Design and manage Public Key Infrastructure (PKI) and Certificate Authority (CA) solutions
• Provide architectural oversight for Windows Server platforms, including:
• OS level troubleshooting
• Patch management
• Software deployment
• Act as a trusted advisor to clients, contributing to solution design, estimations, technical proposals, and roadmaps
• Review and validate solution designs, ensuring alignment with security, compliance, and enterprise standards

Required Skills & Expertise

• Deep expertise in On-Premises Active Directory architecture, administration, and security
• Strong hands-on experience with AD migrations and modernization projects
• Proven experience with Microsoft 365 migrations and identity integration
• Strong working knowledge of Azure Entra ID (Azure AD) and hybrid identity models
• Solid understanding of IAM, IGA, and access governance frameworks
• Extensive experience with SSO protocols and identity federation
• Strong background in authentication protocols and directory security
• Experience with PKI, certificates, and CA management
• Strong Windows Server administration and troubleshooting skills

Good to Have

• Experience leading large-scale enterprise or multi-tenant identity programs
• Client facing solutioning or pre sales experience
• Exposure to zero trust identity architectures
• Relevant certifications (Microsoft, IAM, Security)