Microsoft Active Directory and Identity Subject Matter Expert (SME)
Peraton, Corridor North, Maryland, United States
Responsibilities
Peraton is seeking a highly experienced Microsoft Active Directory and Identity Subject Matter Expert (SME) to support enterprise infrastructure and security initiatives. This individual will lead the architecture, design, deployment, and ongoing operations of Microsoft AD services, including Azure Active Directory (Entra ID), Group Policy, Identity Federation, and associated authentication systems.
The ideal candidate will bring deep expertise in AD forest design, domain consolidation, AD hardening, and security best practices, with a strong focus on enterprise-scale environments. This individual will serve as the authoritative technical resource for identity services in a large-scale, mission-critical environment. Analyzes user needs and software requirements to determine feasibility of design within time and cost constraints. Confers with systems analysts, engineers, programmers, and others to design system and to obtain information on project limitations and capabilities, performance requirements and interfaces. Conducts multidisciplinary research and collaborates with equipment designers and/or hardware engineers in the planning, design, development, and utilization of electronic data processing systems for product and commercial software. Determines computer user needs; analyzes system capabilities to resolve problems on program intent, output requirements, input data acquisition, programming techniques and controls; prepares operating instructions; designs and develops compilers and assemblers, utility programs, and operating systems. Ensures software standards are met.
Key Responsibilities
Technical authority and escalation point
for all Microsoft Active Directory and enterprise identity services
Architect, design, implement, and maintain secure, scalable Active Directory environments , including on-premises and hybrid deployments
Lead and support AD migrations, upgrades, domain consolidations, forest redesigns, and functional level modernization
Design, develop, and enforce Active Directory security standards , including tiered administration, privileged access models, and service account governance
Manage and support hybrid identity integrations , including Microsoft Entra ID (Azure AD), AD Connect, ADFS, MFA, SSO, and Conditional Access
Partner with cybersecurity teams to strengthen identity security posture , mitigate threats, and respond to identity-related incidents
Perform Active Directory health checks , replication analysis, performance tuning, and root-cause troubleshooting
Oversee Group Policy design and management
for security baselines, configuration standards, and compliance requirements
Develop and maintain technical documentation , including architecture diagrams, standards, operational procedures, and support guides
Mentor and provide technical guidance to junior engineers and IT support teams
Qualifications Required Qualifications
Minimum experience requirements:
8 years with BS/BA
6 years with MS/MA
3 years with PhD
12 years of relevant experience in lieu of BS degree
Extensive experience managing
enterprise-scale Active Directory environments
Expert-level knowledge of:
Active Directory Domain Services (AD DS), DNS, DHCP, and Group Policy
Microsoft Entra ID (Azure AD), AD Connect, and hybrid identity solutions
Authentication protocols including
Kerberos, NTLM, LDAP, and SAML/OAuth-based federation
Strong
PowerShell scripting and automation
capabilities
Experience implementing
Zero Trust identity principles , privileged access management, and identity governance
Familiarity with
ITIL-based service management , change control, and operational best practices
Active
Top Secret with SCI eligibility
Current
DoD 8570.1-M / 8140 IAT Level III certification
Desired Qualifications
Microsoft Certified:
Identity and Access Administrator Associate, Windows Server Hybrid Administrator Associate
or equivalent certification/s
Experience with
Microsoft Entra services , Microsoft Identity Manager (MIM), or third-party IAM platforms (e.g., Okta)
Prior experience supporting
regulated or compliance-driven environments
(financial, healthcare, or government)
Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range $112,000 - $179,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
#J-18808-Ljbffr
The ideal candidate will bring deep expertise in AD forest design, domain consolidation, AD hardening, and security best practices, with a strong focus on enterprise-scale environments. This individual will serve as the authoritative technical resource for identity services in a large-scale, mission-critical environment. Analyzes user needs and software requirements to determine feasibility of design within time and cost constraints. Confers with systems analysts, engineers, programmers, and others to design system and to obtain information on project limitations and capabilities, performance requirements and interfaces. Conducts multidisciplinary research and collaborates with equipment designers and/or hardware engineers in the planning, design, development, and utilization of electronic data processing systems for product and commercial software. Determines computer user needs; analyzes system capabilities to resolve problems on program intent, output requirements, input data acquisition, programming techniques and controls; prepares operating instructions; designs and develops compilers and assemblers, utility programs, and operating systems. Ensures software standards are met.
Key Responsibilities
Technical authority and escalation point
for all Microsoft Active Directory and enterprise identity services
Architect, design, implement, and maintain secure, scalable Active Directory environments , including on-premises and hybrid deployments
Lead and support AD migrations, upgrades, domain consolidations, forest redesigns, and functional level modernization
Design, develop, and enforce Active Directory security standards , including tiered administration, privileged access models, and service account governance
Manage and support hybrid identity integrations , including Microsoft Entra ID (Azure AD), AD Connect, ADFS, MFA, SSO, and Conditional Access
Partner with cybersecurity teams to strengthen identity security posture , mitigate threats, and respond to identity-related incidents
Perform Active Directory health checks , replication analysis, performance tuning, and root-cause troubleshooting
Oversee Group Policy design and management
for security baselines, configuration standards, and compliance requirements
Develop and maintain technical documentation , including architecture diagrams, standards, operational procedures, and support guides
Mentor and provide technical guidance to junior engineers and IT support teams
Qualifications Required Qualifications
Minimum experience requirements:
8 years with BS/BA
6 years with MS/MA
3 years with PhD
12 years of relevant experience in lieu of BS degree
Extensive experience managing
enterprise-scale Active Directory environments
Expert-level knowledge of:
Active Directory Domain Services (AD DS), DNS, DHCP, and Group Policy
Microsoft Entra ID (Azure AD), AD Connect, and hybrid identity solutions
Authentication protocols including
Kerberos, NTLM, LDAP, and SAML/OAuth-based federation
Strong
PowerShell scripting and automation
capabilities
Experience implementing
Zero Trust identity principles , privileged access management, and identity governance
Familiarity with
ITIL-based service management , change control, and operational best practices
Active
Top Secret with SCI eligibility
Current
DoD 8570.1-M / 8140 IAT Level III certification
Desired Qualifications
Microsoft Certified:
Identity and Access Administrator Associate, Windows Server Hybrid Administrator Associate
or equivalent certification/s
Experience with
Microsoft Entra services , Microsoft Identity Manager (MIM), or third-party IAM platforms (e.g., Okta)
Prior experience supporting
regulated or compliance-driven environments
(financial, healthcare, or government)
Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range $112,000 - $179,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.
#J-18808-Ljbffr