Job Description

< back to search results

Active Directory

Req I D




Primary Skills

SID, Operating System,


Job Description:
The ITOps AD team provisions and provides support for Microsoft Active directory in the enterprise for customers. The infrastructure this team supports a heterogeneous environment. In addition, this team provides IT security solutions that cater to business needs.
Service Scope: Support Level 3 Operations – AD Team
•Provide support for Forest and domain structures, including, but not limited to:
◦Trust relationships
◦SID Filtering settings
◦Selective authentication settings
◦Forest and domain functional levels
◦Operating systems in use
◦Accounts with forest-wide functional scope
•Understand and drive projects related to Domain-specific configurations, including, but not limited to:
◦AdminSDHolder permissions
◦Privileged group memberships
◦Privileged account usage
•Role-based administration and delegation settings
•Perform Password checks:
◦Weak/non-expiring passwords
◦Password storage (LM Hashes)- whether they are stored, not which accounts use them unless added as a separate check (requires additional tooling)
◦Password policies
•Support Domain and DC Group Policy security and audit policy settings
•Validate Domain controller configurations:
◦Configuration consistency
◦Physical protection of domain controllers
◦Data protection (e.g., disk encryption, backup media protection, etc.)
◦Inappropriate software installation or usage of DCs (e.g., installing user applications on DCs, misconfigured Internet zone configuration on DCs, use of DCs for Internet browsing)
◦Service account configurations
•Assist with Identity management design and implementation, including:
◦Provisioning and de-provisioning processes
◦Management of privileged groups and accounts
•Be able to provide input where applicable, AD-integrated DNS analysis, including:
◦Zone configuration (e.g., dynamic updates, scavenging settings, WINS-R or GlobalNames use, etc.)
◦Zone replication and/or transfer settings
◦Security settings (zone ACLs, DC record ACLs, use of DNSsec, etc.)
◾Interface with AD team  on projects and risk mitigations using security software.
◾Participation on the External Network Security team and provide security solutions to meet the business requirements
◾Support, automate, and document team-related tasks.
◾Support Active Directory environment with respect to projects, implementations and ongoing run/maintain support.
◾Be part of global team responsible for all aspects of security infrastructure including proof of concepts, projects, implementations, and ongoing run/maintain support.
Skillsets required:
◾4 - 5 years of experience as L3  supporting an enterprise Active Directory environment
◾Strong Knowledge of Windows 2008 or 2012 Server and troubleshooting skills
◾In-Depth knowledge of Active Directory and DNS structure
◾Strong knowledge in securing Windows and active directory
◾Previous experience with Active Directory domain migrations in large enterprise environments
◾Knowledge of Group Policies (creating, testing, implementing, and advanced troubleshooting)
◾Domain controller mandatory
◾Should be flexible with 24/7 environment
◾Work location Prasad Tech Park ( banagalore)

Job Information