** Due to client requirements, applicants must be able to work on a w2 basis
Job Overview
We are seeking an experienced Senior Active Directory Domain Administrator to lead a critical enterprise infrastructure modernization initiative. This contract role will focus on upgrading an Active Directory environment to the latest Windows Server domain and forest functional levels while improving security, performance, scalability, and overall operational resilience. Candidates with proven domain upgrade experience in large-scale environments will be prioritized for interviews.
Must Haves
- Minimum 5 years of experience managing Active Directory environments within mid-to-large organizations
- Proven experience performing Active Directory domain and forest functional level upgrades
- Expert-level knowledge of Microsoft Windows Server 2019, 2022, and 2025
- Strong experience with Active Directory administration, including OU design and management
- Advanced Group Policy Object (GPO) creation, troubleshooting, and maintenance skills
- Experience transferring and managing FSMO roles
- Strong understanding of Kerberos authentication and Windows DNS administration
- Experience managing Certificate Authority (CA) infrastructure and certificates
- Ability to write custom scripts to automate administrative and operational tasks
- Excellent collaboration and communication skills within technical teams
What the Client Needs You to Do
The selected consultant will lead the planning, testing, and execution of an enterprise Active Directory modernization project. This includes deploying new domain controllers, validating upgrade procedures in a development environment, and ensuring a seamless transition into production with minimal business disruption. Success in this role requires strong technical leadership, attention to detail, and the ability to work closely with infrastructure and operations teams.
Key Responsibilities
- Design and implement an Active Directory domain and forest functional level upgrade strategy
- Provision and configure multiple new domain controllers within a virtualized VMware environment
- Perform comprehensive testing and validation activities in a development environment prior to production deployment
- Transfer and validate FSMO roles across domain controllers as part of the migration process
- Administer and optimize Active Directory organizational units, security groups, and directory services
- Create, maintain, and troubleshoot Group Policy Objects to support enterprise security and operational requirements
- Manage Windows DNS services and ensure reliable name resolution throughout the environment
- Support Kerberos authentication configuration and troubleshooting efforts
- Maintain and validate Certificate Authority services and certificate dependencies during the upgrade process
- Develop custom scripts and automation solutions to streamline administration and migration activities
- Document implementation procedures, configuration standards, and operational runbooks
- Collaborate with infrastructure, security, and systems teams to ensure project success and knowledge transfer
Additional Information
- Contract opportunity supporting a large enterprise infrastructure environment
- Project includes deployment of new domain controllers and the retirement of legacy systems
- Strong emphasis on security hardening, scalability improvements, and operational performance enhancements
- Experience with Ansible and Jenkins is considered a plus
- Candidates should be comfortable working in both development and production environments
- Ability to participate in planning sessions, technical reviews, testing activities, and implementation support is required
- Experience leading or supporting enterprise-scale Active Directory modernization initiatives is highly preferred
- 3-4 days onsite
W2 employees of Overture Partners who work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), 401(k) starting on day one, a variety of voluntary benefits including life and disability insurance, and sick time if required by law in the worked-in state/locality.
#25493