Microsoft Active Directory Subject Matter Expert

Position Description:

We are seeking a

Microsoft Active Directory Subject Matter Expert (SME) for a role supporting the Department of the Navy in Annapolis Junction, MD.

The ideal candidate must hold an active TS/SCI clearance and have 8-10+ years of experience with a BS/BA or 6-8+ years with an MS/MA or 3-5+ years with a PhD. Experience managing enterprise Active Directory environments and a current DoD 8570.1-M/8140 IAT Level III certification are required.

The Microsoft Active Directory Subject Matter Expert (SME) will support our client's enterprise infrastructure initiatives. This individual will lead the architecture, design, deployment, and ongoing operations of Microsoft AD services, including Azure Active Directory, Group Policy, Identity Federation, and associated authentication systems. The ideal candidate will bring deep expertise in AD forest design, domain consolidation, AD hardening, and security best practices, with a strong focus on enterprise-scale environments.

Primary job location: Annapolis Junction, MD.

Future job location: Landover, MD

JBAB (Depends on Responsibilities)

Position Job Duties:

Serve as the technical authority on all matters related to Microsoft Active Directory and identity services

Design, implement, and manage scalable and secure AD infrastructures (on-premises and cloud hybrid)

Oversee AD migrations, upgrades, domain consolidation, and forest restructuring

Develop and enforce AD-related security policies and standards, including privileged access management

Manage integration with Azure AD, ADFS, MFA, SSO, and conditional access policies

Collaborate with cybersecurity teams to strengthen identity security posture

Conduct regular AD health checks, performance tuning, and troubleshooting

Document architecture, configurations, operational procedures, and support guides

Provide mentoring and training to junior team members and IT support staff

Position Qualifications:

TS/SCI level clearance is required

Requires 8 to 10 years with BS/BA or 6 to 8 years with MS/MA or 3 to 5 years with PhD

Experience managing enterprise Active Directory environments

Expert knowledge of:

AD DS (Domain Services), DNS, DHCP, and Group Policy

Azure Active Directory, AD Connect, and Hybrid Identity solutions

ADFS, LDAP, Kerberos, NTLM authentication

Strong PowerShell scripting and automation skills

Experience with Zero Trust principles and identity governance tools

Familiarity with ITIL-based service management and change control

Experience in software engineering and integration of Commercial Off-the-Shelf software products

Certification Requirement:

Must have a current DoD 8570.1-M/8140 IAT Level III certification

Desired:

ITIL Foundations certification is desired

Microsoft Certified: Identity and Access Administrator Associate or similar

Experience with Microsoft Entra, MIM (Microsoft Identity Manager), or Okta

Previous experience in regulated environments (e.g., financial, healthcare, or government)