Global Directory Services Engineer

We are seeking a senior-level Global Directory Services Engineer to serve as the subject matter expert (SME) for Global Directory Services, including both on-premises and cloud-based Active Directory (AD), Microsoft Entra, and associated platforms. This role is essential in engineering, securing, and modernizing our directory services infrastructure while enabling strategic initiatives across IT Architecture, Engineering, Operations, Security, and business partners.

This position demands a strong engineering mindset focused on automation, optimization, and continuous improvement of the directory environment. The ideal candidate thrives in a collaborative, technically complex environment and is capable of navigating ambiguity with strategic clarity.

• Design, install, configure, and manage Active Directory, Microsoft Entra, and related identity solutions
• Develop and enforce standards, policies, and procedures for AD/Entra in coordination with security, architecture, and service line leaders
• Evaluate current AD/Entra environments and recommend improvements aligned with industry best practices
• Support IT project startup through technical consultation, requirements gathering, and charter definition
• Act as a technical lead for the planning and delivery of infrastructure projects, ensuring collaboration across teams
• Mentor junior team members on AD/Entra best practices, security, and operational efficiency
• Serve as an escalation point for critical directory services issues and outages
• Drive automation to reduce manual tasks and improve service consistency and reliability
• Provide input on long-term architectural strategy for identity and access management
• Communicate technical design and direction clearly to stakeholders at all levels
• Ensure adherence to change management, incident management, and disaster recovery protocols

• Bachelor's degree in Computer Science or a related field (or equivalent experience);
  High School Diploma or GED required at minimum
• 7+ years of hands-on experience managing Active Directory and Windows-based environments in enterprise settings
• 7+ years in IT infrastructure, including server, network, storage, and cloud services management
• Proven experience with enterprise-level AD environments including multi-domain/forest structures and trust relationships
• Active Directory (on-prem and Azure AD)
• ADFS & M365 Integration
• Entra  Multi-Factor Authentication
• Windows Server Core
• AD Backup & Restore, Health Monitoring, and Ransomware Protection
• Strong background in implementing AD security best practices (e.g., GPO hardening, tiered services, privileged access workstations)
• Experience supporting global, high-availability AD infrastructure
• Solid understanding of public cloud environments (Azure, AWS) and service models (IaaS, PaaS, SaaS)
• Demonstrated ability to influence stakeholders and drive alignment across IT and business teams
• Excellent communication, presentation, and crisis management skills

• Experience in high-security or regulated environments
• Familiarity with advanced AD tools and practices such as:
• Red Forest (Enhanced Security Admin Environment - ESAE)
• Netwrix Password Policy Enforcer
• Quest Recovery Manager
• Experience in manufacturing environments
• Exposure to identity and access governance frameworks

• Relevant certifications (e.g., Microsoft Certified: Identity and Access Administrator Associate, Azure Solutions Architect, CISSP) are a plus but not required