Active Directory Engineer OR Architect

• Strong understanding of cryptographic algorithms and protocols
• Experience working with certificate authorities and registration authorities such as NDES and CEP/CES
• Proficiency in key management and renewal
• Experience designing implementing and maintaining secure PKI solutions in enterprise environments.
• Knowledge of integrating PKI with other security technologies such as HSMs TLS inspection 802.1x etc...
• Experience conducting PKI audits and monitoring.
• Ability to troubleshoot and resolve issues related to certificate issuance and management.
• Knowledge of best practices for securing device and user certificates
• Experience configuring Intune to work with a certificate authority to issue device and user certificates.
• Expertise in certificate lifecycle management
• Expertise with autoenroll and manual certificate issuance
• Knowledge of certificate templates and their configuration

Job Description:

• The role requires deep knowledge (300400 level) in the following technology areas:
• Active Directory Certificate Services including:
• Largescale two and threetier PKI hierarchies (>1 issuer) (Preferred)
• Experience with NDES and OCSP (Required)
• Experience with scripted installations (Preferred)
• Must understand database cleanup options & PKI domain maintenance (Required)
• Crossforest implementations (Desired)

• Active Directory Domain Services
• Active Directory replication and performance monitoring
• Active Directory troubleshooting
• Group Policy implementation design and troubleshooting.
• Security and administration of the Active Directory environment including PKI
• Fundamental networking knowledge IP DHCP DNS WINS routing etc.

The following areas may also be beneficial:

• Active Directory Scripting technologies
• Active Directory Disaster Recovery
• Active Directory Monitoring Tools
• Microsoft Identity Manager
• Active Directory Federated Services
• Azure AD Connect
• Azure Active Directory