Active Directory L3 Architect
Tata Consultancy Services, Salisbury, NC, United States
In this role, the Architect is responsible for designing, implementing, and managing
on-premises Active Directory and Azure Active Directory (AAD)
environments. This position requires deep expertise in identity and access management, advanced troubleshooting, and architectural design for hybrid environments.
Key Responsibilities Architecture & Design Define and manage technical standards for Active Directory and Azure AD. Design and implement secure, scalable identity solutions for hybrid environments. Develop IAM policies, standards, and procedures aligned with compliance requirements. Operations & Support
Handle
Level 3 (L3)
activities: critical incident resolution, change management, and complex troubleshooting. Maintain and optimize AD infrastructure (DNS, GPOs, replication, FSMO roles). Monitor Azure AD Connect Health portal for sync alerts and performance analytics. Integration & Automation
Configure and troubleshoot Azure AD Connect, synchronization policies, and staging servers. Implement SSO integrations using OAuth, OIDC, and SAML. Develop advanced PowerShell scripts and Graph API integrations for automation. Security & Compliance
Implement MFA, Conditional Access, and Privileged Identity Management (PIM). Ensure compliance through periodic audits and reporting. Manage disaster recovery planning for AADC and ADFS environments. Collaboration & Governance
Act as a trusted advisor for stakeholders and lead technical governance meetings. Provide knowledge transfer and mentoring to junior engineers. Participate in service reviews and strategic planning for IAM services. Required Technical Skills
Active Directory (On-Prem)
>
AD replication troubleshooting, schema updates, GPO management. DNS/DHCP provisioning and trust relationships. Azure AD
Enterprise app registration, SSO configuration, certificate updates. Conditional Access, MFA, and identity lifecycle management. ADFS
Federation setup, DR planning, certificate management. Automation
PowerShell scripting for AD/AAD tasks. Experience with Microsoft Graph API for automation. Behavioral Competencies
Strong analytical and problem-solving skills. Excellent communication and stakeholder management. Ability to work in Agile environments and lead technical initiatives. Strategic thinking and business acumen. Experience & Certifications
Minimum 8-10 years in AD/AAD engineering and architecture. Certifications: Microsoft Certified: Azure Administrator Associate or Azure Solutions Architect Expert preferred. Domain Knowledge: Retail or enterprise IT environments is a plus. TCS Employee Benefits Summary:
Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Maternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. #LI-RJ2 Salary Range-$120,000-$160,000 a year
on-premises Active Directory and Azure Active Directory (AAD)
environments. This position requires deep expertise in identity and access management, advanced troubleshooting, and architectural design for hybrid environments.
Key Responsibilities Architecture & Design Define and manage technical standards for Active Directory and Azure AD. Design and implement secure, scalable identity solutions for hybrid environments. Develop IAM policies, standards, and procedures aligned with compliance requirements. Operations & Support
Handle
Level 3 (L3)
activities: critical incident resolution, change management, and complex troubleshooting. Maintain and optimize AD infrastructure (DNS, GPOs, replication, FSMO roles). Monitor Azure AD Connect Health portal for sync alerts and performance analytics. Integration & Automation
Configure and troubleshoot Azure AD Connect, synchronization policies, and staging servers. Implement SSO integrations using OAuth, OIDC, and SAML. Develop advanced PowerShell scripts and Graph API integrations for automation. Security & Compliance
Implement MFA, Conditional Access, and Privileged Identity Management (PIM). Ensure compliance through periodic audits and reporting. Manage disaster recovery planning for AADC and ADFS environments. Collaboration & Governance
Act as a trusted advisor for stakeholders and lead technical governance meetings. Provide knowledge transfer and mentoring to junior engineers. Participate in service reviews and strategic planning for IAM services. Required Technical Skills
Active Directory (On-Prem)
>
AD replication troubleshooting, schema updates, GPO management. DNS/DHCP provisioning and trust relationships. Azure AD
Enterprise app registration, SSO configuration, certificate updates. Conditional Access, MFA, and identity lifecycle management. ADFS
Federation setup, DR planning, certificate management. Automation
PowerShell scripting for AD/AAD tasks. Experience with Microsoft Graph API for automation. Behavioral Competencies
Strong analytical and problem-solving skills. Excellent communication and stakeholder management. Ability to work in Agile environments and lead technical initiatives. Strategic thinking and business acumen. Experience & Certifications
Minimum 8-10 years in AD/AAD engineering and architecture. Certifications: Microsoft Certified: Azure Administrator Associate or Azure Solutions Architect Expert preferred. Domain Knowledge: Retail or enterprise IT environments is a plus. TCS Employee Benefits Summary:
Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Maternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. #LI-RJ2 Salary Range-$120,000-$160,000 a year