• 401(k)
• Competitive salary

Job Description

• Design, build, and support enterprise Active Directory environments
• Perform greenfield AD forest and domain builds
• Implement and manage PKI and certificate lifecycle automation
• Troubleshoot complex issues across AD, DNS, GPO, and authentication
• Automate AD and server operations using PowerShell
• Support Windows Server 2016/2022/2025 environments
• Apply Microsoft tiered security models (Tier 0/1/2)
• Ensure compliance with security and regulatory standards

Required Skills & Experience

• 10+ years of enterprise Active Directory experience
• AD DS design, deployment, and troubleshooting
• Domain controller build, promotion/demotion
• FSMO roles, SYSVOL, DFS‑R
• AD Sites & Services
• Replication tools: repadmin, dcdiag
• Authentication: LDAP, Kerberos

• AD‑integrated DNS
• SRV records and zone configuration
• DNS troubleshooting and security best practices

• GPO design, creation, optimization, and troubleshooting

• Windows Server 2016, 2022, 2025
• Server hardening and security baseline configuration

• Microsoft AD Certificate Services (ADCS)
• Certificate templates and auto‑enrollment
• TLS/SSL certificate lifecycle management
• Certificate renewal automation
• Experience with Sectigo Certificate Manager or similar PKI tools

• Advanced PowerShell scripting for AD and server administration

• Building AD forests/domains from scratch
• OU design and delegation models
• Microsoft tiered security model (Tier 0 / Tier 1 / Tier 2)
• Credential hygiene and privileged access management

• Experience working in regulated environments (GxP preferred)

• Hands‑on experience with Sectigo Certificate Manager
• Exposure to OT (Operational Technology) Active Directory
• Background in Pharma, Life Sciences, or other regulated industries

This is a remote position.