Remote Active Directory Engineer

An employer is looking for a Remote Active Directory Engineer to work PST hours. In this role, this person will be designing, deploying, and maintaining Active Directory (AD), Group Policy, and related directory services to ensure optimal performance and reliability. The individual will administer and troubleshoot enterprise identity solutions, including hybrid integrations with Azure Active Directory/Entra ID and cloud-based authentication platforms. Security is a key focus, with tasks involving the enforcement of best practices for privileged access, account lifecycle management, and compliance with frameworks like SOX, NIST, and ISO. They’ll manage and optimize Group Policy Objects (GPOs) to meet enterprise-wide security and operational needs, while monitoring AD performance, replication, and resolving synchronization or authentication issues. Collaboration with cross-functional teams is essential, especially during mergers, acquisitions, or divestitures that require directory integration or separation. Routine activities include performing AD health checks, patching, disaster recovery testing, incident response, penetration testing and maintaining documentation. The role also involves automating administrative tasks using PowerShell and infrastructure-as-code methodologies, evaluating new tools to enhance system efficiency, and participating in incident response and root cause analysis. Additionally, the individual will contribute to comprehensive knowledge bases, participate in an on-call rotation, and uphold the company’s code of ethics while performing other related duties as assigned.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

• 8+ years of hands-on experience in Active Directory administration in an enterprise environment.
• 6+ years of experience with Azure Active Directory, ADFS, and conditional access policies.
• 6+ years of experience with DNS, DHCP, LDAP, Kerberos, and related directory service protocols.
• 6+ years of experience with internal incident response and penetration testing
• Familiarity with compliance frameworks such as SOX, PCI, HIPAA, or NIST.
• Microsoft certifications such as Microsoft Certified: Identity and Access Administrator Associate or Microsoft
Certified: Windows Server Hybrid Administrator Associate preferred.
• Strong proficiency in scripting languages.
• Bachelor’s degree in Information Technology, Computer Science, or equivalent work experience.

• Experience with identity governance tools (e.g., Microsoft Identity Manager, Okta, SailPoint) is a plus.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.