Job Description

Job Description We are looking for an external expert resource to join the Directory Services team in order to support the operational, administrative and governance activities surrounding our Directory Services infrastructure. You will collaborate and offer support on the following topics: - AD Object, Attribute & Server administration roles - DHCP, DNS, ADFS and configuration administration - Domain controller, OU and GPO administration - Monitoring, Backup & recovery of AD Responsibilities - Managing Active Directory: AD objects, OUs, directory service files and Sysvols - Create and manage users and group accounts: Account permissions, configuring user policies, membership management, add/delete/change user accounts - Create and Manage service accounts: Create gMSA, service accounts, unlock service accounts, configure SPNs - Active Directory clean up: Deletion of obsolete users, computers and group accounts - Automate tasks, policies (GPO) management and procedures: Managing policies for sites, domain & OUs, troubleshooting GPOs, manage users and computers using Group policies - Managing of DNS environment : Install, configure and manage DNS clients and servers, managing forest-wide zones, delegation of controls of AD integrated zones - Managing operations DHCP clients and servers: Install and configure DHCP server, manage address pools, restores, leases and reservations - Managing internal TCP/IP networks relating to Active Directory - ADFS: Setup, manage and deletion of federated service with any other third-party service for authentication and authorization, update SSL certificate for ADFS, creating Relying Party Trust, configure Claims Provider Trust, Renew federation certificate - MFA: Set up 2 Factor Authentication, replacement SecurID token, change authentication methods - SSPR: Use the Self-service Password Management report in order to determine who has (or hasn't) registered for SSPR, verify SSPR is enabled for all users - LAPS: Permissions for computer accounts, authorize user, read password, customize clients/distribute MSI - Azure AD Connect Sync: Change the Azure AD Connector and AD DS account password, configure preferred data location for Office 365 resources, Azure AD Connect sync configure filtering and scheduler, customize synchronization rule. Necessary access to be enabled for team - Azure AD Connect Health: Create Risky IP report, monitor Azure AD Connect sync with Azure AD Connect Health provided necessary access is in place for team - Managing NPS environment: Configure firewalls for RADIUS clients/traffic, Network policies, manage certificates used with NPS, register/unregister NPS in AD domain - Monitoring of AD services, process and events using scripts: Monitor Domain Controller performance, suggest recommendations for optimizing system performance - AD Backup and Restore: Monitor backup schedules for domain controllers and restore of system state in case of failures - Incident, Problem and Change management: Fulfil incidents and tasks assigned to AD assignment group. - CSI and documentation: Implement enhancements, define & document standard operating procedures, knowledge base articles etc Skills and competencies - Professional experience in the administration of Active Directory in a multi-domain forest in an enterprise environment - Experience in ADFS - Maintenance, care, and creation of GPO. Nice to have - Good to have knowledge of PowerShell scripting - Excellent team skills and integrity in a professional environment. - Prior experience with Microsoft AD Security and Configuration assessments preferable. - German language skills an advantage. About Us Infosys is a global leader in next-generation digital services and consulting. We enable clients in more than 50 countries to navigate their digital transformation. With over four decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem. EOE/Minority/Female/Veteran/Disabled/Sexual Orientation/Gender Identity/National Origin