Active Directory Specialist (on-site)

Salary: £35,000 - 75,000 per year

• 5 years supporting hybrid AD (On Prem & Azure AD) in enterprise environments.
• Deep knowledge of Group Policy (including AGPM), ADFS, AD Connect, and LDAP.
• Strong grasp of Azure AD security (RBAC, Conditional Access, MFA, PIM).
• Proficiency across Windows Server 2016/2019/2022 (legacy familiarity from 2003 is beneficial), DNS/DHCP, DFS, clustering, and Windows PKI.
• Operational excellence with Domain Controllers and FSMO role management.
• Azure PowerShell scripting for automation and support.
• Experience with O365/Exchange Online and Endpoint Management in identity related contexts.
• Strong documentation and communication skills; confident working directly with senior customer stakeholders.
• Familiarity with ServiceNow (Incidents, Requests, Change, Reporting).

• Administer and maintain hybrid identity infrastructures across on-prem Active Directory and Azure Active Directory (Entra ID), ensuring secure, reliable authentication and directory services.
• Troubleshoot and optimise identity platforms including AD, ADFS, Azure AD Connect/Sync, Entra ID, and LDAP, resolving complex federation, synchronisation, and authentication issues.
• Lead Group Policy lifecycle management, including design, implementation, and controlled deployment using AGPM to ensure consistent and secure configuration baselines.
• Manage core AD infrastructure components such as Domain Controllers, FSMO roles, DNS, DHCP, Sites & Services, ensuring resilience, correct topology, and high availability.
• Implement and enforce Azure AD security controls, including RBAC, Conditional Access, MFA, Identity Protection, PIM, and other Zero Trust aligned safeguards.
• Support Azure-based platforms including Azure Virtual Desktop, Azure Storage, and policy driven automation using PowerShell to streamline operational tasks.
• Administer and support Windows Server environments (2016 through 2025), ensuring proper patching, performance, and service reliability.
• Manage Public Key Infrastructure (PKI) and certificate based authentication, including lifecycle operations, template management, and secure issuance practices.
• Support and maintain Virtualisation Platforms in conjunction with Active Directory and domain architecture best practices.
• Contribute to the design and delivery of identity and infrastructure solutions, including installation, configuration, optimisation, and continuous service improvement initiatives.
• Produce comprehensive technical documentation, including HLDs, LLDs, operational guides, runbooks, and service model documentation for internal and customer use.
• Work within Agile and ITIL aligned processes to drive continuous improvement, operational consistency, and service excellence.
• Deliver clear communication and exceptional customer service, supporting both technical and non technical stakeholders in resolving identity and access related issues.
• Configure and support enterprise integrations, including Azure Enterprise Applications, ADFS integrated services, Single Sign On (SSO), and user/application provisioning for SaaS and PaaS platforms.

• Active Directory
• Azure
• Support
• ITIL
• LDAP
• PaaS
• PowerShell
• RBAC
• Security
• ServiceNow
• Windows
• Office 365
• Cloud
• ARM
• CI/CD
• DevOps
• Kubernetes

We are looking for an Active Directory Support Specialist to join our team on site at Client Site Aldermaston, where you will play a crucial role in supporting, maintaining, and enhancing our hybrid identity services environment. This position involves delivering expert technical support within a high security public sector setting while contributing to long term service transformation and operational automation initiatives. We value a strong customer focused mindset, the ability to work independently, and a commitment to maintaining security standards. In return, we offer a collaborative working environment where your expertise will drive the evolution of our identity management systems.

last updated 25 week of 2026