Senior Active Directory Engineer (on prem) to remediate security gaps in the existing AD environment .

Our client is Canada's largest retailer. They are looking for a Senior Active Directory Engineer (on prem) to remediate security gaps in the existing AD environment .

Duration: 6 months

Location: Remote (May need to go onsite once in a while for specific meetings - Brampton)

Work Hours: 8hours/day

Must Have:

• Deep expertise in Active Directory architecture, including forests, domains, trusts, group policies, and organizational units (OUs).
• Strong command over SMB (Server Message Block) protocol, including security hardening practices and non-standard port configurations.
• Hands-on experience with NTLM authentication specifically in the context of SMB.
• In-depth understanding of Kerberos authentication and how it integrates with Active Directory environments.

Requirements:

• Proven experience designing, implementing, and managing complex AD infrastructures across multiple domains and trusts.
• Expertise in AD troubleshooting and performance optimization.
• Solid grasp of identity and access management within an AD environment.
• Familiarity with SMB protocol internals, including its use in enterprise networks and best practices for secure deployment.
• Understanding of authentication mechanisms (NTLM and Kerberos), and how to diagnose and resolve related issues.
• Awareness of industry security standards and compliance requirements related to directory services and authentication.
• Develop and implement remediation plans to address identified gaps and ensure compliance with best practices