Senior Identity Architect & Engineer (f/m/d) @ A1 Competence Delivery Center

Role Insights

• Design, implement, and operate Active Directory (multi-domain / multi-forest), Public Key Infrastructure (ADCS), federation services (ADFS), and hybrid identity with Microsoft Entra ID.
• Own and enforce Tier 0 security architecture.
• Lead incident resolution for critical identity outages.
• Define and improve hardening standards, monitoring and alerting concepts, and patch/lifecycle processes.
• Analyze and remediate security risks such as misconfigurations and legacy setups.
• Drive standardization across multiple environments and domains.
• Support audits (e.g., SOX controls) and compliance requirements.
• Mentor junior engineers and support knowledge transfer.
• Participate in on-call rotation for critical services.

What Makes You Unique:

• Strong hands-on experience with Active Directory (design, troubleshooting, operations).
• Deep knowledge of Group Policies, DNS, and authentication flows.
• Solid expertise in ADCS (PKI design, certificate lifecycle, and security).
• Experience with ADFS or other federation technologies.
• Knowledge of Microsoft Entra ID (hybrid identity, synchronization, access control).
• Good understanding of Windows Server internals.
• Strong networking knowledge (including firewalls and segmentation).
• Solid understanding of security concepts (Tiering, least privilege, privileged access).
• Advanced PowerShell skills for automation and scripting.
• Experience working in complex enterprise environments (multi-domain, multi-country setups).

Nice to Have:

• Experience with identity providers (e.g., Ping, ADFS alternatives).
• Familiarity with monitoring tools such as Splunk or SCOM.
• Experience with cloud and hybrid environments (e.g., Azure).
• Experience in incident management for critical systems.
• Familiarity with audit and compliance frameworks (e.g., SOX).

Job code: AIT010P311

Job classification: 11 - (Global Level)