Logo for Navitas Partners, LLC

Sr. Active Directory Architect/SME

Navitas Partners, LLC

Roles & Responsibilities

  • 10+ years of enterprise Active Directory administration, engineering, and architecture experience
  • Extensive experience with Active Directory Domain Services (AD DS)
  • Strong understanding of AD security hardening and compliance best practices
  • Experience leading enterprise infrastructure modernization and migration projects

Requirements:

  • Conduct comprehensive assessments of existing Active Directory environments
  • Design modern hybrid Active Directory architectures leveraging both on-premises and Microsoft Azure IaaS domain controllers
  • Guide Active Directory schema upgrades and domain/forest functional level enhancements
  • Develop architecture diagrams, operational runbooks, migration procedures, and as-built documentation

Job description

Active Directory Domain Controller Project

Title: Sr. Active Directory Architect/SME
Duration: 8-10 Weeks
Location: US – Remote
Type: US Citizen with Public Trust Clearance Required.

Position Overview
We are seeking a highly experienced Senior Active Directory Infrastructure Architect/SME to lead and provide Subject Matter Expertise for a large-scale Active Directory modernization initiative supporting a federal enterprise environment. This consultant will guide the upgrade and migration of six (6) Active Directory Domain Controllers from Windows Server 2012 R2 to Windows Server 2025 while transforming the environment into a secure hybrid architecture spanning on-premises infrastructure and Microsoft Azure IaaS.
The selected professional will serve as the technical lead and trusted advisor throughout the project lifecycle, providing architecture, migration strategy, validation, documentation, and knowledge transfer. All work will be performed remotely in partnership with customer technical teams who will execute hands-on implementation activities under SME guidance.
Key Responsibilities
Active Directory Assessment & Planning
  • Conduct comprehensive assessments of existing Active Directory environments, including forests, domains, trusts, sites, replication, DNS, DHCP, GPOs, and PKI integrations.
  • Identify technical dependencies, legacy application constraints, security risks, and migration challenges.
  • Develop migration strategies, implementation roadmaps, rollback plans, and maintenance window schedules.
  • Lead stakeholder workshops with infrastructure, security, networking, and application teams.
Architecture & Design
  • Design modern hybrid Active Directory architectures leveraging both on-premises and Microsoft Azure IaaS domain controllers.
  • Develop AD site topology, replication strategies, DNS architecture, and network integration designs.
  • Define Azure deployment architecture including virtual networks, subnets, resource groups, NSGs, and hybrid connectivity models.
  • Establish security baselines, hardening standards, auditing, monitoring, and compliance requirements.
Migration & Modernization
  • Guide Active Directory schema upgrades and domain/forest functional level enhancements.
  • Provide technical leadership for Windows Server 2025 Domain Controller deployment and promotion.
  • Lead FSMO role transfers, DNS migrations, and DHCP migrations where applicable.
  • Validate authentication services, Group Policy processing, replication health, and DNS functionality throughout migration activities.
Legacy System Decommissioning
  • Plan and oversee the retirement of Windows Server 2012 R2 Domain Controllers.
  • Guide demotion procedures, metadata cleanup, DNS cleanup, and post-migration validation activities.
  • Ensure minimal business disruption and successful transition to the new environment.
Documentation & Knowledge Transfer
  • Develop architecture diagrams, operational runbooks, migration procedures, and as-built documentation.
  • Conduct final validation testing and health assessments.
  • Deliver knowledge transfer sessions and operational recommendations to customer stakeholders.
Required Qualifications
  • 10+ years of enterprise Active Directory administration, engineering, and architecture experience.
  • Extensive experience with:
    • Active Directory Domain Services (AD DS)
    • Windows Server 2012 R2, 2016, 2019, 2022, and 2025
    • DNS, DHCP, Group Policy, PKI, and AD replication
    • FSMO role management and domain controller migrations
    • Active Directory Sites and Services
    • Hybrid identity and Microsoft Azure infrastructure
  • Strong understanding of:
    • AD security hardening and compliance best practices
    • Forest and domain functional levels
    • SYSVOL replication (DFSR/FRS)
    • Backup, disaster recovery, and rollback planning
    • Enterprise networking concepts, VPNs, ExpressRoute, routing, and firewalls
  • Experience leading enterprise infrastructure modernization and migration projects.
  • Strong documentation, communication, and stakeholder management skills.
Preferred Qualifications
  • Microsoft certifications related to Azure, Windows Server, or Identity Management.
  • Experience supporting federal, defense, or highly regulated environments.
  • Familiarity with security frameworks and audit/compliance requirements.
  • Experience integrating Active Directory with SIEM, monitoring, and logging platforms.
Ready to apply?
APPLY
Β·

Related jobs

United States

Other jobs at Navitas Partners, LLC

We help you get seen. Not ignored.

We help you get seen faster β€” by the right people.

πŸš€

Auto-Apply

We apply for you β€” automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

✨

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.