Tech Lead - Active Directory and Entra ID Services

Role Description

UST is seeking a highly skilled Tech Lead for Active Directory & Entra ID Services to deliver and support enterprise-level identity and access management solutions. The ideal candidate will have deep technical expertise in Active Directory (AD), Entra ID (Azure AD), and related hybrid identity services, combined with strong customer management, shift management, and service ownership skills. This role involves leading daily operations, driving service excellence, and serving as the primary contact for technical support, escalations, reporting, and customer communications.

Key Responsibilities

Leadership & Service Delivery

• Lead L2/L3 support for Active Directory and Entra ID environments.
• Own and drive technical delivery, ensuring SLAs, KPIs, and compliance targets are met.
• Act as a primary technical and operational escalation point for identity and directory-related incidents.
• Coordinate and manage incident, problem, and change management processes for AD/Entra services.
• Participate in stakeholder reviews and provide actionable insights.
• Prepare and deliver service performance reports and management updates.
• Drive continuous improvement, automation, and standardization across the environment.
• Collaborate with project teams to support new implementations, migrations, and transformations.
• Maintain strong customer relationships, ensuring satisfaction and proactive communication.
• Manage day-to-day operations of the team, including workload allocation and task prioritization.
• Promote a collaborative and high-performance culture within the team.
• Drive training initiatives and knowledge sharing sessions to strengthen team capabilities.

Technical Responsibilities

• Administer and support Active Directory Domain Controllers, forests, and trust relationships.
• Perform promotion/demotion of domain controllers and forest-level administration.
• Manage Group Policy Objects (GPOs), Sites and Services, and replication configurations.
• Conduct regular AD health checks, database cleanup, and replication remediation.
• Manage SYSVOL, Global Catalogue, FSMO roles, and Windows Time Services.
• Implement and support Active Directory backup, recovery, and disaster recovery procedures.
• Configure and manage Certificate Services and Public Key Infrastructure (PKI).
• Manage roaming profiles, folder redirection, and cloud storage access control (Azure Storage).
• Lead Active Directory domain migrations and consolidation projects.
• Ensure security hardening and vulnerability management of domain controllers.

Entra ID / Hybrid Identity

• Administer and support Entra Connect / Sync servers and synchronization rules.
• Manage Azure AD roles, Administrative Units, and RBAC.
• Configure and manage Conditional Access Policies, Application Registrations (OIDC, SAML), and Dynamic Groups.
• Oversee Privileged Identity Management (PIM) and Service Principals.
• Support custom domain management and identity lifecycle processes.
• Collaborate on integrations with OKTA or other IAM solutions.

Automation, Documentation & Process

• Develop and maintain PowerShell scripts for automation, reporting, and health monitoring.
• Maintain up-to-date technical documentation, architecture diagrams, and standard operating procedures (SOPs).
• Drive process efficiency by implementing best practices and automation frameworks.
• Support audit and compliance requirements by maintaining accurate records and configurations.
• Prepare Root cause analysis and related documentations for incidents and problem management.
• Shift management to ensure round the clock support.

Key Skills/Competency

• Active Directory
• Entra ID
• PowerShell Scripting
• Identity and Access Management
• Windows Server
• Technical Leadership
• Service Delivery
• Cloud Identity
• Security Hardening
• IAM Solutions