Active Directory Engineer
Diverse Lynx, Milpitas, CA, United States
Role: Active Directory Engineer
Location: Milpitas CA
Duration: 6 months
Onsite Milpitas CA or REMOTE
$80/HR C2C
Role Summary Seeking an experienced Active Directory (AD) Engineer to design, build, and operate core Microsoft Active Directory infrastructure, with a strong focus on isolated forests, segregated domains, and security driven directory architectures. This role is critical to enabling secure authentication, legacy containment, privilege isolation, and enterprise identity resilience. The engineer will own the lifecycle of AD forests and domains, partner with security and platform teams, and ensure directory services meet availability, security, and compliance requirements.
Key Responsibilities Active Directory Architecture & Engineering • Design, build, and maintain Active Directory forests, trees, and domains, including additional and isolated forests for security or regulatory purposes • Implement resource forests, containment forests, and hardened domains for legacy protocols, privileged access, or application isolation • Design and manage inter forest and intra forest trusts (one way, two way, selective authentication) • Plan and execute domain controller placement, site topology, and replication strategy Core AD Administration • Deploy, patch, and maintain Domain Controllers (Windows Server) • Manage FSMO roles, time synchronization, DNS integration, and SYSVOL • Administer Group Policy Objects (GPOs) for security baselines and configuration management • Manage AD objects: users, groups, computers, service accounts, and delegation models Security & Hardening • Enforce Active Directory security best practices and tiered administration models • Build privilege isolation domains for admin accounts and privileged workloads • Support initiatives such as: o Legacy protocol isolation (NTLM, RC4, LDAP signing exceptions) o Service account governance and gMSA implementation o AD attack surface reduction (lateral movement prevention, tiering) • Partner with security teams during incidents, audits, and risk remediation efforts Migration & Transformation • Lead or support: o Domain and forest builds and decompositions o Application and server migrations between domains or forests o Legacy domain containment and modernization efforts • Coordinate with application, server, and IAM teams to minimize disruption Monitoring, Troubleshooting & Operations • Diagnose and resolve: o Replication failures o Authentication and trust issues o DNS and Kerberos related problems • Maintain AD health using monitoring tools and best practices • Create and maintain operational runbooks and SOPs
Skills: Windows Servers Experience Required: 8-10
Thanks & Regards, Shashi Bhushan Sr. Manager - Delivery and Client Relations Diverse Lynx LLC |300 Alexander Park|Suite #200|Princeton , NJ 08540 Phone : 732-694-3392 Whatsapp : +91-9540037979 Email: shashi.bhushan@diverselynx.com | URL: http://www.diverselynx.com
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.
$80/HR C2C
Role Summary Seeking an experienced Active Directory (AD) Engineer to design, build, and operate core Microsoft Active Directory infrastructure, with a strong focus on isolated forests, segregated domains, and security driven directory architectures. This role is critical to enabling secure authentication, legacy containment, privilege isolation, and enterprise identity resilience. The engineer will own the lifecycle of AD forests and domains, partner with security and platform teams, and ensure directory services meet availability, security, and compliance requirements.
Key Responsibilities Active Directory Architecture & Engineering • Design, build, and maintain Active Directory forests, trees, and domains, including additional and isolated forests for security or regulatory purposes • Implement resource forests, containment forests, and hardened domains for legacy protocols, privileged access, or application isolation • Design and manage inter forest and intra forest trusts (one way, two way, selective authentication) • Plan and execute domain controller placement, site topology, and replication strategy Core AD Administration • Deploy, patch, and maintain Domain Controllers (Windows Server) • Manage FSMO roles, time synchronization, DNS integration, and SYSVOL • Administer Group Policy Objects (GPOs) for security baselines and configuration management • Manage AD objects: users, groups, computers, service accounts, and delegation models Security & Hardening • Enforce Active Directory security best practices and tiered administration models • Build privilege isolation domains for admin accounts and privileged workloads • Support initiatives such as: o Legacy protocol isolation (NTLM, RC4, LDAP signing exceptions) o Service account governance and gMSA implementation o AD attack surface reduction (lateral movement prevention, tiering) • Partner with security teams during incidents, audits, and risk remediation efforts Migration & Transformation • Lead or support: o Domain and forest builds and decompositions o Application and server migrations between domains or forests o Legacy domain containment and modernization efforts • Coordinate with application, server, and IAM teams to minimize disruption Monitoring, Troubleshooting & Operations • Diagnose and resolve: o Replication failures o Authentication and trust issues o DNS and Kerberos related problems • Maintain AD health using monitoring tools and best practices • Create and maintain operational runbooks and SOPs
Skills: Windows Servers Experience Required: 8-10
Thanks & Regards, Shashi Bhushan Sr. Manager - Delivery and Client Relations Diverse Lynx LLC |300 Alexander Park|Suite #200|Princeton , NJ 08540 Phone : 732-694-3392 Whatsapp : +91-9540037979 Email: shashi.bhushan@diverselynx.com | URL: http://www.diverselynx.com
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.