- Jalan Sultan Mizan Zainal Abidin, Kompleks Kerajaan Kuala Lumpur Federal Territory Malaysia
Working Location
Job Description
Responsibilities
On Prem Active Directory (AD DS)
Experience level- 5 to 8 years
Location : KL
Below is the JD for this .
Key Responsibilities
1) On Prem Active Directory (AD DS) Administration
• Administer AD DS components: forests, domains, trusts, OUs, users/groups, and delegation models.
• Manage and maintain Domain Controllers, ensuring health, capacity, patching, and lifecycle compliance.
• Configure and maintain Group Policy Objects (GPOs) including security baselines, hardening, and troubleshooting.
• Monitor and troubleshoot AD replication, SYSVOL issues, DFSR/FRS (as relevant), and domain controller health.
• Manage AD-integrated DNS including zones, records, scavenging, forwarders, and resiliency architecture.
• Perform AD upgrades/migrations (domain/forest functional levels, DC replacement, OS upgrades) with minimal downtime.
• Support Active Directory Certificate Services (AD CS) operations such as CRL publishing/renewals (if in scope).
2) Azure AD / Microsoft Entra ID (Cloud Identity)
• Administer Azure AD / Entra ID tenant configuration and identity services for enterprise users and applications.
• Implement and manage Conditional Access, MFA, Identity Protection, and risk-based access controls.
• Manage Privileged Identity Management (PIM) and privileged access policies (JIT/JEA, role assignment governance).
• Configure and support SSO, Enterprise Applications, App registrations, OAuth permissions, and federation settings.
• Operate and optimize hybrid identity services (cloud-only and synced identities) aligned to security standards.
3) Hybrid Identity & Synchronization (Azure AD Connect / Cloud Sync)
• Deploy and maintain Azure AD Connect / Cloud Sync for identity synchronization and writeback (where applicable).
• Manage synchronization rules, troubleshooting (staging mode, metaverse, connector space), and sync monitoring.
• Support hybrid authentication models: Password Hash Sync, Pass-through Authentication, or Federation (AD FS).
• Manage hybrid features like Seamless SSO, device writeback, group writeback, and lifecycle operations.
4) Security, Compliance & Governance
• Enforce identity security baseline: least privilege, tiering model, administrative boundaries, and secure admin workstations.
• Support audits by providing evidence: access reviews, privileged role logs, change records, and security reports.
• Implement and maintain RBAC, delegated admin permissions, and standard operating procedures for identity operations.
• Drive remediation for vulnerabilities and security findings related to directory services and identity components.
5) Operations, Monitoring & ITSM Processes
• Provide L2/L3 support for incidents and service requests related to AD, Entra ID, SSO, and authentication.
• Manage changes through Change Management, create implementation plans, rollback procedures, and conduct PIRs/RCA.
• Maintain monitoring dashboards and alerts for AD DS, DNS, AAD Connect, Entra sign-in activity, and service health.
• Create and maintain knowledge articles, runbooks, SOPs, and operational documentation.
6) Integration & Stakeholder Collaboration
• Work with Security/IAM teams on access governance, privileged access, and policy enforcement.
• Collaborate with Messaging/M365, Endpoint, Network, and Application teams for identity integrations and SSO enablement.
• Provide technical inputs for enhancements, standardization, and continuous improvement of identity services.
Important Information
Never provide your bank or credit card details when applying for jobs. Do not transfer any money or complete unrelated online surveys. If you see something suspicious, Report this Job ad.