
Active Directory Architect
Prophecy Technologies, Houston, TX, United States
Job Summary
We are seeking a highly experienced Active Directory Architect to design, implement, and govern enterprise-scale Active Directory and Windows Server infrastructure. The role will focus on multi-domain AD architecture, hybrid identity integration with Azure AD, security hardening, and identity governance. The ideal candidate will lead architecture decisions, improve security posture, and implement automation for large enterprise environments.

Key Responsibilities

Active Directory Architecture & Design
Lead the design and implementation of enterprise-scale Active Directory architectures across multi-domain and multi-site environments.
Architect domain/forest structures, Organizational Unit (OU) models, and Group Policy frameworks.
Define AD governance standards, naming conventions, and delegation models.
Oversee Active Directory replication topology, domain controller placement, and site/subnet configurations.
Design secure authentication models including Kerberos, LDAP/S, and NTLM hardening.

Identity & Access Management
Architect IAM solutions using RBAC, least privilege models, PAM, SSO, and MFA.
Lead hybrid identity integration between on-prem Active Directory and Azure AD.
Manage identity solutions using Azure AD Connect, ADFS, Conditional Access policies, and identity governance frameworks.

Windows Infrastructure Architecture
Design and standardize Windows Server builds and security hardening baselines.
Architect solutions for patching, configuration management, and OS lifecycle management.
Provide architectural guidance for virtualization platforms such as VMware and Hyper-V supporting Windows workloads.

Security & Compliance
Improve identity security posture using Microsoft Entra ID Protection, Conditional Access, and MFA.
Collaborate with cybersecurity teams to implement Zero Trust architecture principles.
Identify and remediate AD vulnerabilities, legacy protocols, and configuration risks.
Support identity governance audits, compliance assessments, and security reviews.

Automation & Optimization
Design automation frameworks using PowerShell, DSC, and configuration tools such as Intune and SCCM.
Optimize AD performance, reliability, identity workflows, and user provisioning processes.

Cross-Functional Leadership
Act as the Subject Matter Expert (SME) for Active Directory, Windows Server, and Identity Services.
Lead technical workshops, architecture reviews, and enterprise design discussions with cross-functional teams.

Required Skills
Proven experience architecting Active Directory in large enterprise environments (multi-domain, multi-site).
Deep expertise in:
  Domain and Forest architecture design
  Group Policy architecture
  Active Directory security hardening
  DNS and DHCP services
  Azure AD / Hybrid Identity
  Federation and SSO models (ADFS, OAuth, SAML)
Strong PowerShell automation and scripting experience.
Solid knowledge of networking concepts (TCP/IP, routing, firewalls, load balancers).
Familiarity with Zero Trust and modern identity security frameworks.

Competencies
Active Directory Architecture
Windows Server Infrastructure
Identity and Access Management (IAM)
Hybrid Identity & Azure AD
Enterprise Security Architecture