Job Title: Active Directory Engineer
Primary Location: Remote
Position Type: Direct Hire

Overview

Join a world-class academic healthcare system as an Active Directory Engineer Specialist within the Information Security department. This is primarily a remote opportunity with occasional on-site requirements.

As part of the Security Engineering Team, you'll play a key role in Active Directory modernization, hybrid cloud identity integration, domain consolidation, and enterprise-grade SSO solutions. You will also help administer, design, and troubleshoot complex systems while ensuring security, scalability, and system reliability across the enterprise.

What You'll Do

• Architect, implement, and support hybrid identity infrastructure integrating on-prem AD with Azure AD/Entra ID, Okta, AWS IAM, and related services.
• Lead domain migration and consolidation projects across complex, multi-domain environments.
• Manage and optimize LDAP directories and synchronization tools between internal and external systems.
• Design and maintain secure, scalable SSO configurations using SAML, OAuth, OIDC, and federation technologies.
• Develop and enforce Group Policy Objects (GPOs), domain trusts, and domain controller health.
• Support Disaster Recovery and High Availability planning, testing, and documentation.
• Evaluate and implement system enhancements to improve reliability and performance.
• Mentor junior engineers and serve as a technical SME for Active Directory and hybrid identity security.
• Stay current with directory, cloud, and identity technology trends to drive modernization initiatives.

What You Bring to the Role

• Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience).
• Proven experience in Active Directory domain consolidation and multi-forest/multi-domain environments.
• Hands-on experience with Entra ID/Azure AD and hybrid directory configurations.
• Expertise in PowerShell scripting for automation, reporting, and configuration management.
• Familiarity with identity federation technologies such as ADFS, SAML, OAuth, and OIDC.
• Strong understanding of Active Directory security best practices, including tiered administration.
• Experience with Identity Governance and Privileged Access Management (PAM) solutions.
• Independent problem-solving ability and strong attention to detail.
• Excellent communication, organizational, and project management skills.
• Ability to work both collaboratively and independently in a dynamic, security-focused environment.

Compensation Information
The expected salary range for this position is $120,000-$135,000 per year, depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, 401(k), and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations.

This role requires authorization to work in the U.S. without current or future visa sponsorship.

All offers are contingent upon the completion of a background check, which may include but is not limited to: reference checks, education verification, employment verification, drug testing, criminal records checks, and any required certifications or compliance requirements based on the end client's background check policies and applicable laws.

TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening, and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible.
At TalentFish we are an Equal Opportunity Employer; we embrace and encourage diversity!