Active Directory Engineer
MEDVACON
Role Summary The Windows Active Directory Engineer is responsible for stabilizing, securing, and modernizing the enterprise Active Directory environment with a strong focus on directory cleanup, identity hygiene, replication health, and security hardening. This role ensures AD remains healthy, compliant, resilient, and aligned with Zero Trust identity principles across on-prem and hybrid cloud environments. Key Responsibilities
Required Skills & Experience
Preferred Qualifications
Medvacon Talent Acquisition only conducts initial video interviews via Microsoft Teams or Zoom. All communication will come from an email address ending in @medvacon.com. If you receive a message that seems suspicious or is not from our official domain, please report it immediately to View email address on click.appcast.io.
- Active Directory Cleanup & Optimization
- Perform comprehensive AD cleanup including stale objects, unused OUs, orphaned SIDs, legacy GPOs, and deprecated configurations.
- Normalize and restructure OU hierarchy, naming standards, and attribute consistency.
- Identify and remediate duplicate SPNs, conflicting UPNs, and misconfigured service accounts.
- Clean up old domain controllers, decommission legacy forests/domains, and remove deprecated trust relationships.
- Conduct ACL cleanup to eliminate excessive permissions and privilege creep.
- AD Security Hardening & Identity Protection
- Implement CIS/NIST/Microsoft security baselines for domain controllers and AD objects.
- Harden authentication by reducing NTLM, enforcing Kerberos protections, and implementing authentication policies/silos.
- Deploy and maintain Privileged Access Workstations (PAW) and tiered admin model (Tier 0/1/2).
- Remediate identity vulnerabilities such as DC Sync exposure, unconstrained delegation, Golden Ticket risks, and weak ACLs.
- Integrate AD logs with SIEM platforms (Sentinel, Splunk, QRadar) for continuous monitoring.
- Implement secure service account management, including gMSA adoption and rotation policies.
- AD Replication Health & Domain Controller Management
- Monitor and maintain AD replication topology, site links, and inter-site connectivity.
- Troubleshoot replication failures (USN rollback, lingering objects, tombstone issues).
- Perform authoritative and non-authoritative restores as needed.
- Ensure domain controllers are patched, hardened, and compliant with security standards.
- Validate SYSVOL health (DFSR), replication convergence, and GPO consistency.
- Group Policy Management & Cleanup
- Audit and clean up legacy, conflicting, or redundant GPOs.
- Standardize GPO structure, naming, and versioning.
- Implement GPO security baselines for servers, workstations, and privileged accounts.
- Troubleshoot GPO processing issues and configuration drift.
- Hybrid Identity & Azure AD (Entra ID) Integration
- Support and optimize Azure AD Connect sync, attribute flows, and identity lifecycle.
- Remediate sync errors, duplicate identities, and hybrid identity conflicts.
- Implement Conditional Access, MFA enforcement, and modern authentication policies.
- Support migration toward Zero Trust identity and passwordless authentication.
- Documentation, Governance & Continuous Improvement
- Maintain detailed documentation of AD topology, GPOs, replication, and security configurations.
- Develop identity governance standards, naming conventions, and lifecycle processes.
- Provide recommendations for AD modernization, consolidation, and long-term stability.
- Participate in audits, compliance reviews, and security assessments.
Required Skills & Experience
- 5-10+ years of hands-on experience with Active Directory, DNS, DHCP, GPO, and Windows Server.
- Deep expertise in AD cleanup, replication troubleshooting, and security hardening.
- Strong PowerShell skills for automation and bulk remediation.
- Experience with Azure AD / Entra ID, hybrid identity, and AAD Connect.
- Familiarity with SIEM, identity threat detection, and AD attack paths.
- Understanding of Kerberos, NTLM, LDAP, SAML, OAuth, and modern auth.
Preferred Qualifications
- Knowledge of Red Forest / ESAE, Tiered Admin Model, and Zero Trust identity.
- Certifications: Microsoft Identity & Access Administrator (SC-300), Azure Administrator
Medvacon Talent Acquisition only conducts initial video interviews via Microsoft Teams or Zoom. All communication will come from an email address ending in @medvacon.com. If you receive a message that seems suspicious or is not from our official domain, please report it immediately to View email address on click.appcast.io.
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Active Directory Engineer in Houston, TX vacancy
- ...A client of Insight Global is seeking an Active Directory Engineer to join their Cloud Infrastructure / Identity team. This is an engineer-level, hands-on role (not an architect-only position). You'll step into a large, complex onprem Active Directory environment that...Suggested
$120k - $150k
...Contract to Hire with conversion salary $120-150k Job Title: Active Directory Technical Manager/Lead About the Role We are seeking a... ...workloads. Provide technical leadership to a team of 5-10 AD engineers: mentor juniors, conduct code/script reviews, assign tasks,...SuggestedFull timeContract workRemote workFlexible hours$120k - $150k
A technology consulting firm is seeking an Active Directory Technical Manager/Lead in Houston, TX. In this pivotal role, you will manage... ...environment, oversee significant migrations, and lead a small team of engineers. The ideal candidate has over 7 years of experience in...Suggested- ...AI Automation Engineer Matrix Medical Management is looking for a full-time AI Automation Engineer to join our team in our Bellaire... ...Microsoft identity, access, and audit tooling (Entra ID / Active Directory, Purview, M365 audit logs); working knowledge of healthcare operations...SuggestedFull timeContract workTemporary workWork at office
$117.3k - $226.9k
## Extravehicular Activity (EVA) Hardware Integration EngineerApplylocations: Johnson Space Center, TXtime type: Full timeposted on:... ...Comprised primarily of highly trained mechanical and aerospace engineers, VSD provides national expertise in the areas of vehicle engineering...SuggestedFull timeWork at officeImmediate startRemote workRelocation packageFlexible hours- ...Insight Global is assisting a client in identifying a Systems Engineer to lead identity and access management initiatives across a... ...trends, and best practices to drive continuous improvement Active Directory • Manage a global AD environment with multiple domain controllers...
- ...Senior Systems Engineer Location: Houston, TX (Hybrid) We are seeking a Senior Systems Engineer to design, implement, and support... ...Lead infrastructure projects involving Microsoft 365, Azure, Active Directory, SharePoint, Windows Server, and Hyper-V. Design and...
- ...industrial sectors. About the Opportunity The Senior Systems Engineer provides hands-on technical support to end-users, including... ...Infrastructure Administer Windows Server environments: Active Directory, DNS, DHCP, Group Policy, and file services. Manage the...
- ...Systems Engineer I At Switch, we don't just design, build and operate data centers—we are enabling the technology... ...with virtualization platforms, storage systems, and directory services such as VMware, SAN, and Active Directory Monitor system performance and...Work at officeRemote work
$86k - $110k
...Systems Engineer III (This is a remote position open to applicants residing in TX, NM, AZ, CO, or KS) As a Systems Engineer... .../admin (including servers in Azure/cloud) (2019+), including Active Directory design (GPO, Policies, Sites, Users, Groups & Security)...Temporary workWork at officeRemote workFlexible hours- We are looking for a highly skilled Authentication Services Engineer to support a divestiture-driven separation of user identity and... ...engineering roles Deep hands-on experience with Azure AD, Active Directory, and cloud identity platforms (Okta, Ping, etc.) Knowledge of...Permanent employmentContract workLocal area
- ...engagements. Position Summary The Managed Services Systems Engineer is a client-facing technical role responsible for designing,... ...across multiple ITO clients Administer Windows Server, Active Directory, Entra ID, Intune, Exchange Online, SharePoint, and Teams...H1bWork at officeRemote workShift work
- ...Title: Senior Systems Engineer Client: ExxonMobil Location: Houston, TX (on site 5 days per week) Contract... ...of infrastructure components such as networking and Active Directory, which is essential for running queries and troubleshooting....Contract workRemote work
$160k
...professionals. We are seeking a Senior Project & Commissioning Engineer to join the Engineering, Procurement & Construction (EPC) team... ...to support a wide range of project-related tasks and activities Provide input on permitting and regulatory applications and...Contract workFor contractorsRemote workWork from homeFlexible hours- ...Job Description Job Description Position Title: HVAC Engineer Location: Houston, TX Employment Type: Full-Time Role... ...commissioning and testing requirements. Lead and support commissioning activities from L1 to L5 , including Integrated System Testing (IST) ....Full time
- ...an exciting opportunity for a Mechanical Design and Testing Engineer to join our JETS II contract team at NASA Johnson Space Center... .... If selected you will: Support Johnson Space Center's activities on the International Space Station and space exploration Work...Contract workTemporary workRelocation package
- ...is seeking a motivated and technically driven Entry Level MEP Engineer to support large-scale hydronic system flushing, temporary pumping... ...planning, temporary pumping system design, and field startup activities for high-profile infrastructure and mission-critical...Temporary workFor contractorsInternshipWork at office
- Systems Engineer Location: Houston, TX 77064 (onsite) As a Systems Engineer, you’ll be a part of Systems Operations team, supporting... ...Maintain virtual private server, backup Maintain Microsoft Active Directory, DNS, DHCP, NTP and DC to ensure secure, reliable access and...Work experience placement
- ...Proceed, assist in issuance of Work Orders, maintaining project directories, processing submittals, documents, and files Manages the... ...support company core values and foster a positive work environment Actively participates in company and community events to enhance...Contract workFor subcontractor
- ...Associates, Inc. (SIA) is currently looking for a Mechanical Engineering Consultant to join our Process Pressure Vessels team. This role... ...and administrative aspects of the work. They are expected to actively participate in both internal and external training, development...Temporary workWork at officeRemote workFlexible hours
$20k
Systems Engineer at Impact Networking, LLC Description Impact is a leading national managed services provider, specializing in IT... ...systems, including: Windows Server ESX/VMware Windows Clusters Active Directory Network configuration: IP addressing Routing DNS...Work experience placementRemote work$101.2k - $161.6k
...being named a Great Place to Work and consistently ranking on Engineering News Record's Top 500 Design Firms in the United States and... ...equipment selection, and design standards Support construction activities, including RFIs, submittals, and field coordination...Work experience placementWork at officeLocal area- ...provisioning, maintenance, backup & recovery and other related activities. The role operates with minimal oversight and acts as a... ...Experience designing, implementing and troubleshooting Active Directory, required Experience leading enterprise-wide initiatives Experience...Work experience placement
$34 - $43 per hour
...Job Title: Field Support Engineer Location: Houston, TX (Home-based when not in the field) Hours: 8:00am - 5:00pm Mon-Fri FLSA: Non-... ...including the setup of Windows and database servers. Document service activities and maintain detailed service logs. Conduct customer training...Full timeFor contractorsLocal areaRemote workHome office- ...Description Job Summary The Senior Facilities Mechanical Engineer is responsible for the design, operation, maintenance, and continuous... ..., vendors, and service providers for projects and maintenance activities. Ensure compliance with local, state, and federal...For contractorsLocal area
- ...communities and nations everywhere. Quaise is seeking a Mechanical Engineer II to lead component-level design and development for lab-... ...executing moderately complex mechanical design and testing activities while contributing across a broad range of experimental and...For contractorsWork at office
- ...Description Location: Houston, Texas Position status: FT Exempt Status: Exempt CNPC USA is actively seeking a highly skilled and motivated Mechanical Engineer to join our growing team. This is a unique opportunity for an experienced engineer with expertise in...Work at officeLocal areaNight shift
$90k - $115k
...intentional as our impact. Summary/Objective: The Mechanical Engineer is a technical expert responsible for providing comprehensive... ...existing job site conditions, which may involve walking active construction sites and accessing mechanical spaces. Compu...Full timeTemporary workWork at officeLocal area- ...each other! Summary: The Project Manager position, within the Engineering & Construction (E&C) team, will collaborate with Engineers... ...the Construction Group members in construction and inspection activities. Communicate with project stakeholders including operations personnel...Contract workFor contractorsWork experience placementWork at officeLocal areaNight shift
- ...Description Are you ready to make a mark in the world of forensic engineering? S-E-A is on the look-out for a passionate mechanical engineer... ...an Employee Assistance Program and a Motion Wellness Program that rewards activity through contributions to employee HSA accounts....Work at office
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Active Directory Engineer. Be the first to apply!


