MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Lead Active Directory Engineer

Nix

Ukraine (Europe, LATAM, Ukraine) Remote permanent

Posted: April 1, 2026

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Quick Summary

We're looking for a skilled Lead Active Directory Engineer to join our team and shape the future of online car markets, with a focus on standardizing and hardening single-forest, single-domain Active Directory environments.

Required Skills

Active Directory Group Policy Security Hardening Compliance Azure AD AD Security Privileged Access Management English Proficiency Auditing Identity Integration

Job Description

N-iX is looking for skilled Lead Active Directory Engineer to join our team! Our customer is the European online car market with over 30 million monthly users, with a market presence in 18 countries. As a Lead Active Directory Engineer, you will play a pivotal role in shaping the future of online car markets and enhancing the user experience for millions of car buyers and sellers. We require a Lead Engineer to assess, clean up, and harden multiple inherited single-forest, single-domain Active Directory environments. These environments require standardization, security hardening, and alignment with current best practices. The focus will be on improving AD structure, security posture, Group Policy hygiene, and operational consistency, while also evaluating long-term viability and integration with enterprise IAM platforms. This is a hands-on senior role requiring deep expertise in Active Directory architecture, security, identity integration, and remediation of legacy configurations, including alignment with industry audit and compliance standards (e.g., PCI DSS).

Requirements:

• EDT Timezone work hours

• Extensive hands-on experience (typically 7+ years) with Active Directory engineering and administration.

• Proven experience performing AD clean-up, consolidation, or post-transition integration work.

• Strong expertise in: Active Directory (single-domain environments at scale), Group Policy design, cleanup, and optimization, OU design and delegation models.

• Demonstrated experience with: AD security hardening (tiered admin model, least privilege, attack surface reduction), identifying and remediating, stale objects (users, computers, groups), legacy permissions and misconfigurations, GPO sprawl and conflicts.

• Experience integrating Active Directory with IAM/IdP platforms, including: Azure AD / Entra ID, Okta, etc, SSO, federation, and identity synchronization (e.g., AAD Connect or equivalent), role-based access control (RBAC) and identity lifecycle management.

• Experience working within regulated or audited environments, including: PCI DSS (or similar frameworks such as ISO 27001, NIST).

• Implementing controls related to identity, access management, and auditability.

• Strong knowledge of: Authentication protocols (Kerberos, NTLM, SAML/OIDC basics), DNS (AD-integrated), replication, and site topology.

• Experience with tools such as: ADUC, ADSIEdit, Group Policy Management Console, PowerShell (AD module) for bulk changes and reporting.

• Experience in auditing and improving: privileged access (Domain Admins, Enterprise Admins), service accounts and delegation.

• At least upper-intermediate English level.

Responsibilities:

• Perform a comprehensive assessment of current AD environments.

• Identify and remediate: inactive/stale objects, legacy groups and excessive permissions, GPO duplication, conflicts, and inefficiencies.

• Redesign and implement: OU structure and delegation model, Group Policy strategy aligned to best practices.

• Implement security hardening measures, including: privileged access model (e.g., tiering), reduction of attack surface and legacy protocols.

• Alignment with audit/compliance requirements (e.g., PCI DSS controls).

• Integrate AD environments with enterprise IAM platforms, including: identity synchronization and federation, access model alignment (RBAC / least privilege), SSO enablement and identity lifecycle processes.

• Review and optimize: AD Sites and Services (replication topology), DNS configuration and health.

• Develop and execute cleanup and remediation plans with minimal disruption.

• Automate tasks and reporting using PowerShell.

• Produce clear documentation and operational standards, including audit-ready configurations.

Nice-to-Have Certifications:

• Microsoft Certified: Windows Server Hybrid Administrator Associate

• Microsoft Certified: Identity and Access Administrator Associate (SC-300)

• Microsoft Certified: Azure Solutions Architect Expert

• MCSA / MCSE (legacy but relevant)

• Security certifications (e.g., CISSP, Security+, CISM)

• Okta Certified Professional / Administrator (or similar IAM certifications)

We offer*:

• Flexible working format - remote, office-based or flexible

• A competitive salary and good compensation package

• Personalized career growth

• Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)

• Active tech communities with regular knowledge sharing

• Education reimbursement

• Memorable anniversary presents

• Corporate events and team buildings

• Other location-specific benefits

*not applicable for freelancers

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply