Sr. Authentication Engineer
Position: Sr. Authentication Engineer
Location: Sterling, VA (Hybrid)
Duration: Contract to hire (6 months)
Only local USC/GC candidates will be considered.
Responsibilities:
Hybrid Identity Architecture & Management
- Design, implement, and manage complex hybrid Active Directory and Microsoft Entra ID environments across on-premises and cloud.
- Administer Domain Controllers (Windows Server), including AD Sites & Services, DNS, DHCP, time services, SYSVOL/DFSR, and FSMO roles.
- Plan and execute domain lifecycle activities (consolidations, inter-forest migrations, decommissions).
- Configure and optimize Entra ID for secure access, Conditional Access, identity governance (PIM, access reviews), workload identities, and application registrations.
- Manage directory synchronization using Microsoft Entra Connect and Cloud Sync; maintain staging/DR patterns for continuity.
- Lead the retirement of legacy identity platforms (e.g., ADFS) and transition to modern authentication (OAuth/OIDC, SAML).
- Cloud, Virtualization & Networking
- Operate and troubleshoot Windows workloads in AWS (including EC2, VPC, subnets, security groups, VPN/Direct Connect).
- Design resilient identity topologies across data centers and cloud; implement and test AD forest/domain disaster recovery.
- Collaborate with platform teams on IaaS/PaaS implementations; leverage Infrastructure as Code (Terraform or CloudFormation) as applicable.
- Security & Compliance
- Harden Domain Controllers and Windows baselines per CIS Benchmarks and organizational policies.
- Translate legacy GPOs into cloud-based controls using Intune and Conditional Access.
- Implement strong authentication (MFA/Passwordless/Biometrics, certificate-based auth) and privileged access patterns (Tiering, PAW, JIT/JEA, PIM).
- Conduct security assessments, participate in audits, respond to incidents, and ensure compliance with frameworks (PCI, HIPAA, SOC 2, CJIS).
- Drive LDAP modernization initiatives, including transitioning to secure LDAPS and coordinating with endpoint and application teams.
Operational Excellence & Automation
- Serve as senior escalation for complex identity issues; drive root cause analysis and sustainable remediation.
- Automate at scale using PowerShell and Microsoft Graph API
- Establish health monitoring and actionable alerting using native tools and SIEM (Google Chronicle, CloudWatch).
- Maintain comprehensive documentation, SOPs, and disaster recovery playbooks.
Collaboration & Leadership
- Partner with application owners to modernize SSO (SAML/OIDC/OAuth) and deprecate legacy auth flows.
- Mentor engineers, lead design reviews, and participate in change management and risk assessments.
- Support both workforce and customer identity scenarios; experience with PingOne is a plus.
Requirements:
- Bachelor's degree in Computer Science, Information Systems, or equivalent experience.
- 7+ years in Identity and Access Management, including 5+ years as a Domain Administrator in large, multi-site AD environments.
- Expertise in Domain Controller administration, AD Sites & Services, Windows DNS/DHCP, Kerberos/NTLM, and secure LDAPS.
- Hands-on experience with Microsoft Entra ID at enterprise scale, including Conditional Access, PIM, and application integrations.
- Proficiency with Entra Connect / Cloud Sync and troubleshooting synchronization/authentication flows.
- Strong PowerShell and Microsoft Graph automation skills.
- Experience operating Windows workloads in AWS/AMS and integrating cloud networking with on-prem identity services.
- Proven track record executing AD, Entra ID migrations, ADFS decommissioning, and GPO-to-Intune conversions.
- Strong understanding of authentication protocols (LDAP, Kerberos, SAML, OIDC) and Zero Trust principles.
Preferred Qualifications:
- Microsoft Certified: Identity and Access Administrator Associate (SC-300) or equivalent; additional certifications (AZ-104/305, SC-100) are a plus.
- Experience with Microsoft Defender for Identity, Defender for Endpoint, and Google Chronicle.
- Familiarity with modern access control models (RBAC/ABAC), SCIM provisioning, and workload identity management.
- Experience with customer identity platforms (e.g., PingOne) and B2C/B2B collaboration.
- Exposure to domain consolidation projects and AI/ML tools for IT operations.
- Familiarity with Infoblox for DNS/DHCP/IPAM.
Recommended Jobs
Java Software Engineer I
Overview Build the next generation of ArcGIS Enterprise, a suite of products delivering state-of-the-art mapping and analytics capability to thousands of customers and millions of users worldwide.…
Construction Safety Manager
&##127959;️ Build Safer, Smarter Sites - Join Calvert Masonry Inc. as Our Next Construction Safety Manager! Position: Construction Safety Manager Company: Calvert Masonry Inc. Salary Range: …
Certified Nursing Assistant (CNA)
CNA Position Overview: We are seeking a compassionate and detail-oriented Certified Nursing Assistant (CNA) to join our healthcare team. The CNA will provide essential support to nursing …
In House Counsel Jobs California | JDHuntr 62338 Assistant General Counsel, Privacy $118K - $213K (Hybrid), Reston, VA
In House Counsel Jobs California | JDHuntr 62338 Assistant General Counsel, Privacy $118K - $213K (Hybrid), Reston, VA Apply on JDHuntr.com Post Date: 11.1.2023 *Handling privacy and data protecti…
Dentist
Full Time or Part Time Opportunity for a Dentist in Falls Church, VA! We are a Private Dental Office. We treat both Adult & Children patients We have a great team! Our Position can be either…
APP ( NP or PA ) - Specialty Practice - Hospitalist
How You'll Help Transform Healthcare: APP (NP or PA) opportunity to work with the Hospitalist group at Carilion Roanoke Memorial Hospital. This state-of-the-art, 763-bed academic/tertiary referr…
Dealership Finance Manager
Job Description Job Description CarGuys Inc. -America’s #1 Automotive Recruiter If you are looking for a new career in the car Biz CarGuys Inc. is the go-to company to assist you. We work wi…
Inside Sales Representative
At Southern Electrical, we’re the power behind keeping homes safe and comfortable, delivering top-tier electrical solutions with precision and expertise. We're seeking an Inside Sales Representativ…
Teacher Assistant-Infant
Job Description Job Description Overview Who We’re Looking For Meets all state preschool teacher assistant requirements Super flexible and ready to jump in during business hours Bonus…