Login
 
JOB SPECIFICATION - ACTIVE VACANCY
Job RefAlt_Ope_197
Job TitleMicrosoft Active Directory Engineer
Vacancy Closing Date2026-07-24
Position Start Date2026-07-27
CountrySouth Africa
CompanyAlteram Solutions (AS)
ExecOperations
Position LocationPretoria CBD
Employment EquityNot Applicable
Annual Income (Cost To Company)Market Related
Job Type Contract
Duration of Contract 1-2 Yrs
Overview Of Role

We are urgently looking for an Microsoft Active Directory Engineer to be based at our clnet on Pretoris CBD.

Responsibilities

  • Windows Server: 2019, 2022, 2016 (and knowledge of 2025 preview) – Server 2012 R2 as legacy support only
  • Active Directory Domain Services (AD DS): design, migration, trust relationships, schema management, ADSI editing
  • Entra ID (formerly Azure AD): tenant configuration, application registrations, enterprise apps, and Entra Connect Sync
  • Entra ID Protection & Governance:
    o Conditional Access Policies (CAP)

    o Privileged Identity Management (PIM)

    o Access Reviews
    o Identity Governance

  • Group Policy Management (GPO): including GPO analytics, migration tables, and security filtering
  • Hybrid Identity: Entra Connect (or Cloud Sync), pass-through authentication, Seamless SSO, hybrid join
  • PowerShell Automation: scripting for AD/Entra user lifecycle, reports, bulk operations, and module management (AzureAD, Microsoft Graph, Active Directory)
  • Active Directory Security:
    o Tier model administration
    o Protected Users group
    o Authentication policies & silos
    o AD auditing (Advanced Audit Policies)
    o LAPS for local admin passwords (including Windows LAPS for legacy + cloud)
  • DNS & DHCP: AD-integrated DNS, DHCP failover, DHCP policies, and IPAM awareness
  • Active Directory Sites & Services: replication topology design, bridgehead servers, site links, and DFS namespace awareness
  • Monitoring & Reporting: better reporting skills (using PowerShell, Entra ID audit logs, and third-party tools – e.g. ManageEngine)
  • Team Player & Collaborative – works with security, network, and app teams

  • Qualification

    • Microsoft Certified: Identity and Access Administrator Associate (SC-300) or Windows Server Hybrid Administrator Associate (AZ-800 + AZ-801)
    • Entra ID Certification: Microsoft Entra ID Fundamentals or Identity and Access Administrator Associate
    • National Diploma in Information Technology (or relevant degree/diploma, e.g., BSc Computer Science, IT, or equivalent experience)
    • MCITP/MCSA/MCSE and AZ-800, AZ-801, SC-300, MS-102 (or MD-102).

    Experience

  • 4+ years of combined hands-on experience in:
    o Active Directory architecture design, installation, configuration, and administration
    o Entra ID (Azure AD) implementation, hybrid identity, and identity governance
    o Group Policy Management in enterprise environments (multiple sites/domains)
    o PowerShell scripting for AD/Entra automation (must have)
    o DHCP, AD Sites & Services, replication troubleshooting
  • Required exposure to at least two of the following (recent – within 2 years):
    o Migrating from legacy AD to modern hybrid / cloud-native
    o Implementing PIM and Conditional Access
    o Securing privileged access (ESAE model or Red Forest / Tiering)
    o Entra ID Connect upgrades and troubleshooting

  • Personal Characteristics

  • Works effectively under pressure during outages, patching cycles, or incident responses

  • Willing to assist outside primary responsibilities (e.g., supporting related Microsoft 365, Windows Server roles, or Azure IaaS)
  • Strong analytical and problem-solving mindset
  • Ownership and follow-through without excessive handoff
  • Effective communicator to both technical and non-technical stakeholders