Senior Active Directory Engineer

By /
  • Temporary
  • London
  • Negotiable GBP / Year

Senior Active Directory Engineer

Our client, a leading global supplier for IT services, requires Senior Active Directory Engineer to be based at their client’s office in London, UK.

This is a hybrid role – you can work remotely in the UK and attend the London office 4 days per week .

This is a 6+ month temporary contract to start asa

Day rate: Competitive Market rate

Our client is seeking a strong Active Directory Specialist with hands‑on technical experience and architectural insight, capable of assessing, designing, and remediating complex AD environments

Key Responsibilities

  • Review existing AD tiering policies and progress completed to date in collaboration with customer’s stakeholders
  • Finalise inventory and scope of remaining tiering-related activities
  • Validate business and application ownership and confirm alignment with the AD tiering model
  • Assess cross-tier system dependencies and associated risks
  • Review and remediate service accounts and scheduled tasks
  • Finalise technical configurations, deployment activities, risks, and mitigation plans
  • Implement changes to server objects, Active Directory groups, and user configurations
  • Validate functionality and access post-change”

Key Requirements

Essential Skills:

Deep hands‑on experience with Microsoft Active Directory

  • Strong understanding of AD architecture, including forests, domains, trusts, sites, and replication
  • Practical experience managing large, complex, enterprise AD environments
  • Ability to operate confidently at both design and implementation levels

Active Directory architecture and design expertise

  • Experience reviewing and defining AD target‑state architectures
  • Clear understanding of how AD design decisions impact security, operations, and scalability
  • Strong knowledge of identity, authentication, and authorization flows

AD Tiering and security model expertise

  • Proven understanding of AD Tiering concepts (Tier 0, Tier 1, Tier 2)
  • Ability to assess environments for tiering misalignment and security risk
  • Experience designing and implementing tier‑aware access models, including:
    • Privileged access segregation
    • Admin role separation
    • Secure administrative workstations (SAWs) or equivalent concepts

Organisational Unit (OU) structure design and analysis

  • Experience designing, rationalising, and refactoring OU structures
  • Strong understanding of OU‑based:
    • Delegation models
    • Group Policy inheritance
    • Administrative boundaries
  • Ability to assess the operational and security impact of OU changes

Roles, delegation, and administrative model understanding

  • Strong knowledge of AD roles, permissions, and delegated administration
  • Ability to analyse existing role assignments, identify excessive privilege, and recommend remediation
  • Experience assessing and mitigating risks associated with:
    • Domain Admin usage
    • Delegated OU permissions
    • Service accounts and scheduled tasks

Gap analysis & assessment capability

  • Ability to conduct structured gap analysis between:
  • Current‑state environment
  • Target‑state architecture and security standards
  • Comfortable reviewing and analysing: Existing configurations, Operational practices &Security controls and exceptions
  • Capable of producing clear findings, risks, and recommendations

Desirable Skills:

  • Translate technical findings into clear recommendations for both technical and non‑technical stakeholders
  • Exposure to identity governance tools or controlled AD administration solutions (e.g. Active Roles, PAM/PIM tools)
  • Understand the business and application impact of AD changes
  • Work collaboratively with security, infrastructure, and application teams
  • Produce implementation‑ready designs, runbooks, and remediation plans
  • Strong Communication skills to articulate and understand customer requirements
  • Understanding of Azure Entra for the On-prem to Cloud AD object synchronisation
  • Handon experience working with Collaborative tools Like Jira, Kanban , Azure Dev for updating the tasks
  • Knowledge of ITSM process and tool BMC remedy for logging and updating changes

Special Working Conditions:

  • Night shift depending on the change scheduled

Due to the volume of applications received, unfortunately we cannot respond to everyone.

If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.

Please do keep an eye on our website https://projectrecruit.com/jobs/ for future roles

Upload your CV/resume or any other relevant file. Max. file size: 50 MB.

London | Frankfurt | Dublin | New York | Québec  Singapore | Hong Kong | Mumbai | Bangkok | Manila

Grow Your Global Team Confidently!

We deliver high-quality onboarding, payroll and compliance services across 130+ countries, supporting both employees and contingent workers. Our premium solutions ensure you hire, manage and pay compliantly – without compromise.

Resources

About

Policies

Copyright © 2024 Project Global

project global logo
Global Payroll Association
payroll org no background
cyber essentials certified logo
Project Global
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.