Talent.com
Astra North Infoteck Inc.
L3 Active Directory Engineer – Identity Security (IAM, PAM, AD DS)Astra North Infoteck Inc. • Vancouver, BC, ca
L3 Active Directory Engineer – Identity Security (IAM, PAM, AD DS)

L3 Active Directory Engineer – Identity Security (IAM, PAM, AD DS)

Astra North Infoteck Inc. • Vancouver, BC, ca
14 days ago
Job type
  • Full-time
  • Quick Apply
Job description
Job Description

Senior Active Directory L3 Support Engineer

Work Model Hybrid – 4 Days Work From Office


Job Summary

We are seeking an experienced Senior Active Directory L3 Support Engineer to strengthen and modernize enterprise Active Directory services across production and disaster recovery environments. The ideal candidate will have extensive experience in Active Directory administration, infrastructure modernization, identity security, and PowerShell automation while supporting highly available and secure enterprise environments.

The role will focus on Active Directory modernization, security hardening, privileged access remediation, Group Policy optimization, and Zero Trust initiatives.


Key Responsibilities

Active Directory Infrastructure & Modernization

  • Deploy and configure additional Domain Controllers across production and disaster recovery environments.
  • Replace legacy Windows Server 2016 Domain Controllers with modern infrastructure while minimizing business disruption.
  • Support Active Directory platform modernization initiatives.
  • Implement network segmentation to align with Zero Trust architecture and reduce lateral movement risks.
  • Maintain Active Directory health including replication, DNS integration, authentication services, and Group Policy processing.

Security Hardening & Identity Protection

  • Implement Extended Protection for Authentication (EPA).
  • Enforce SSL/TLS for privileged Active Directory services.
  • Configure SMB Signing to prevent NTLM relay attacks.
  • Disable NTLMv1 and enforce LDAP Signing and LDAPS.
  • Implement Kerberos Hardening and secure delegation controls.
  • Remediate excessive privilege findings including:
    • AdminCount issues
    • Missing ACL protections
    • Protected Users enrollment
    • GPO-based security exposures
  • Strengthen privileged account management and password policies.
  • Identify and remediate insecure account configurations.

Group Policy & Compliance

  • Harden enterprise Group Policy configurations.
  • Enable PowerShell logging and advanced audit policies.
  • Configure secure encryption standards and Remote Desktop settings.
  • Review and remediate LDAP, authentication, and domain security weaknesses.
  • Document implementation standards, remediation plans, and operational procedures for audit compliance.

Collaboration & Operational Support

  • Partner with Infrastructure, Security, and Application teams during security remediation projects.
  • Support controlled production deployments and change management activities.
  • Participate in infrastructure upgrades and domain controller migration projects.
  • Automate administrative tasks using PowerShell scripting.


Required Skills

  • Extensive experience administering Active Directory Domain Services (AD DS) in enterprise environments.
  • Strong knowledge of:
    • Active Directory Administration
    • Domain Controllers
    • Active Directory Replication
    • DNS
    • Group Policy (GPO)
    • Authentication protocols
    • Disaster Recovery
  • Hands-on experience implementing:
    • Extended Protection for Authentication (EPA)
    • LDAP Signing
    • LDAPS
    • Kerberos Hardening
    • SMB Signing
    • Privileged Account Protection
  • Experience with:
    • Active Directory Certificate Services (AD CS)
    • Active Directory Web Services (ADWS)
    • Windows Server Hardening
    • Identity Security Remediation
  • Strong PowerShell scripting and automation skills.
  • Experience executing infrastructure modernization and Active Directory migration projects.
  • Ability to analyze and remediate privilege escalation paths and identity security risks.


Preferred Qualifications

  • Experience supporting highly regulated enterprise environments.
  • Knowledge of:
    • Zero Trust Architecture
    • Privileged Access Management (PAM)
    • CyberArk
    • Identity Security Assessments
    • Audit & Compliance
    • Change Management
  • Microsoft certifications related to Windows Server, Active Directory, Security, or Identity Administration are highly desirable.


Required Technologies

  • Active Directory Domain Services (AD DS)
  • Active Directory Administration
  • Domain Controllers
  • Active Directory Replication
  • DNS
  • Group Policy (GPO)
  • LDAP Signing
  • LDAPS
  • Kerberos
  • SMB Signing
  • Extended Protection for Authentication (EPA)
  • PowerShell
  • Windows Server
  • Active Directory Certificate Services (AD CS)
  • Active Directory Web Services (ADWS)
  • Disaster Recovery
  • Identity Security


Nice to Have

  • CyberArk
  • Privileged Access Management (PAM)
  • Zero Trust Security
  • Infrastructure Modernization
  • Audit & Compliance
  • Identity Governance





Requirements
60-70
Create a job alert for this search

L3 Active Directory Engineer – Identity Security (IAM, PAM, AD DS) • Vancouver, BC, ca

Similar jobs

OT Security Solutions Architect — Pre‑Sales

FortinetVancouver, Metro Vancouver Regional District, CA
Full-time

A global cybersecurity company seeks an OT Business Development Engineer to drive customer engagement and lead technical solutions in Operational Technology security.Responsibilities include engagi... Show more

 • Promoted

Senior Security Engineer - Cloud Identity

MQ Referrals OnlyVancouver, Metro Vancouver Regional District, CA
Full-time

We’re seeking an experienced Senior Security Engineer with a strong passion for.Identity and Access Management(IAM).In this role, you’ll help shape and implement modern identity strategies to secur... Show more

 • Promoted

Remote Senior Product Security Engineer Driving Security Solutions

AffirmVancouver, Metro Vancouver Regional District, CA
Remote
Full-time

Elevate product security as a Senior Product Security Engineer.Collaborate with engineering teams to embed security in the product development lifecycle while identifying vulnerabilities and automa... Show more

 • Promoted

Security Infrastructure Engineer

TailscaleVancouver, Metro Vancouver Regional District, CA
Full-time

Tailscale is building the new Internet by delivering software that makes it easy to securely interconnect people and their devices, no matter where they are.From hobbyists to multinational corporat... Show more

 • Promoted

Senior Security Consultant – Hardware and Embedded Security

NCC Group North AmericaVancouver, Metro Vancouver Regional District, CA
Full-time

Senior Security Consultant – Hardware and Embedded Security.Thanks for checking out our latest opportunity.We’re thrilled that YOU are considering joining our team!.We’re NCC Group – a global leade... Show more

 • Promoted

Senior Application Security Engineer - Hybrid (Vancouver)

Spring FinancialVancouver
Full-time

A leading financial technology firm is seeking a Senior Application Security Engineer to lead its application security strategy.The role requires over 5 years of experience in application security,... Show more

 • Promoted

Expert Architect for Security Sector Designs

Stantec Consulting International Ltd.Vancouver, British Columbia, Canada
Full-time

Drive architectural excellence in high-security and federal designs.This role focuses on leading projects that require a keen attention to detail and deep compliance with defense regulations.As a S... Show more

 • Promoted

Strategic Information Security Architect

ColliersVancouver, Metro Vancouver Regional District, CA
Full-time

Transform global security architecture as a Strategic Information Security Architect.Spearhead cloud migration security strategies while ensuring systems are secure and compliant.This pivotal role ... Show more

 • Promoted

DevOps Security Engineer (Cribl)

Insight GlobalVancouver, Metro Vancouver Regional District, CA
Full-time

Insight is looking to hire a DevOps Security Engineer to join the Security Observability team in the Cybersecurity Engineering organization.Cybersecurity Engineering – scales the means and mechanis... Show more

 • Promoted

Azure AI Security & Governance Consultant

ConcentrixVancouver, Metro Vancouver Regional District, CA
Full-time

A customer experience solutions provider based in Canada is seeking a Cybersecurity Consultant to lead strategic AI security initiatives.The ideal candidate will have deep expertise in the Microsof... Show more

 • Promoted

Security Architect

AGFA HealthCareVancouver, Metro Vancouver Regional District, CA
Full-time

We are hiring an experienced security Architect who is responsible for designing and implementing security within our architecture.This role involves working closely with cross-functional teams (en... Show more

 • Promoted

Senior Security Engineer

HiiveVancouver, British Columbia, Canada
Full-time

Hiive is redefining how private companies and their shareholders access liquidity.Through its institutional-grade platform, Hiive brings together buyers, sellers, and issuers to facilitate secondar... Show more

 • Promoted

Senior Security Engineer, Full‑Stack & Cloud

LiveKitVancouver, Metro Vancouver Regional District, CA
Full-time

A tech company specializing in voice-driven systems is seeking a Security Engineer to ensure security across applications, services, and infrastructure.You will proactively identify risks, lead sec... Show more

 • Promoted

Senior Security Engineer - Cloud Identity

Marqeta, Inc.Vancouver, Metro Vancouver Regional District, CA
Full-time

We’re seeking an experienced Senior Security Engineer with a strong passion for.Identity and Access Management (IAM).In this role, you’ll help shape and implement modern identity strategies to secu... Show more

 • Promoted

Application Engineer - Security Tech Solutions (Remote)

SICK Sensor IntelligenceVancouver, Metro Vancouver Regional District, CA
Remote

Sie entwickeln Applikationslösungen im Bereich Sicherheitstechnik.Bewerber benötigen ein Studium in Elektrotechnik und Erfahrung in der Elektrokonstruktion sowie gute Englischkenntnisse. Show more

 • Promoted

Security Engineer

Clutch CanadaVancouver
Full-time

Security Engineer, Vancouver – Engineering – Remote – Full-time.AI teammate for meetings, trusted by over 20 million people across more than 500,000 organizations.Fireflies enables teams to capture... Show more

 • Promoted

Advanced Security Engineer for AI Systems

lululemonVancouver, British Columbia, Canada
Full-time

Elevate your career as an Advanced Security Engineer specializing in AI systems.Focus on building security frameworks that protect data while enhancing innovation and collaboration within a strong ... Show more

 • Promoted

Enhanced Due Diligence Associate

BET99delta, bc, ca
Full-time

BET99 is Canada's Premiere Online Sportsbook and Casino.Launched in 2020, we have consistently innovated the online gaming landscape every step of the way, exponentially growing our customer base a... Show more

 • Promoted

Remote Security & DevOps Engineer for SaaS/IoT Cloud

KeycafeVancouver, Metro Vancouver Regional District, CA
Remote
Full-time

A leading technology firm in Canada is seeking a passionate Security & DevOps Engineer to enhance its cloud environments and ensure high security across its global IoT platform.You'll manage applic... Show more

 • Promoted

Technology Manager Driving Security in Identity Access Management

Best Buy CanadaVancouver, British Columbia, Canada
Full-time

Lead the charge in security and efficiency with a role as a Technology Manager in IAM.This remote-first position allows you to leverage your expertise in managing identity and access systems effect... Show more