On-Prem Active Directory (AD) / Azure Specialist (SC Cleared) Position Overview We are seeking an experienced and Security Check (SC) Cleared On-Prem Active Directory (AD) / Azure Specialist to design, manage, secure, and enhance our identity and access infrastructure across both on-premises and cloud environments. This role requires a strong understanding of hybrid identity, authentication, and enterprise security practices, with the ability to operate in a secure and regulated environment. Key Responsibilities Active Directory (On-Prem) Administer and maintain Active Directory Domain Services, including domain controllers, DNS, DHCP, FSMO roles, OU structure, and domain trusts. Develop, enforce, and troubleshoot Group Policy Objects (GPOs). Perform domain health checks, patching, audits, and security hardening. Deliver identity lifecycle management and access provisioning support. Support AD migrations, upgrades, and restructuring initiatives. Azure AD / Entra ID Manage Azure AD (Entra ID) including Conditional Access, MFA, RBAC, identity governance, and app registrations. Configure and support Azure AD Connect, hybrid authentication, and synchronization technologies. Integrate enterprise and SaaS applications using OAuth, SAML, and OpenID Connect. Implement modern authentication and secure access controls. Security, Compliance & Governance Maintain compliance with security and regulatory requirements associated with SC clearance. Strengthen identity security posture using Azure AD Identity Protection, PIM, Conditional Access, and Defender for Identity. Create and maintain audit logs, access reviews, and compliance evidence. Support Zero-Trust identity strategies. Automation & Scripting Develop and maintain PowerShell scripts for automation, reporting, and operational tasks. Support Infrastructure-as-Code efforts where applicable. Operational Support Provide L3 support for identity, authentication, and access issues. Collaborate with cross-functional teams including security, networking, cloud, and application teams. Maintain clear technical documentation and operational runbooks. Required Qualifications & Skills Current and valid SC Clearance 5 years of experience administering Active Directory in a large enterprise environment. Strong expertise with Azure AD / Entra ID and hybrid identity solutions. Proficiency in PowerShell scripting for administration and automation. Strong understanding of DNS, DHCP, Kerberos, NTLM, PKI, and identity security. Experience with Azure AD Connect and authentication models (PTA, Federation, SSO). Preferred Skills Experience with Microsoft Defender for Identity, PIM, and privileged access controls. Knowledge of Intune, Windows device management, and modern workplace ecosystems. Familiarity with Zero Trust principles and secure-by-design frameworks. Microsoft certifications such as: Identity and Access Administrator (SC-300) Azure Administrator Associate (AZ-104) Cybersecurity Architect / Security Engineer