Wayzata , Minnesota
|Onsite
|Contract
Wayzata, Minnesota
|Onsite
|Contract
Step into a key Identity & Access Management role where you will help strengthen and modernize enterprise Active Directory services across on-premises and cloud environments. This position offers the opportunity to support secure access, improve operational resilience, and contribute to identity strategies that align with a broader AWS-enabled environment.
Responsibilities
- Design, configure, operate, and secure Active Directory forests, domains, trusts, organizational units, Group Policy, and domain controllers.
- Partner with IAM and PAM teams to support privileged access controls, delegated administration, and group structure design.
- Monitor and resolve Active Directory issues related to authentication, replication, DNS, domain controller availability, and account states.
- Support integrations between Active Directory and identity governance, access request, authentication, and certification tools.
- Create and maintain operational standards, runbooks, and documentation for Active Directory and domain controller services.
- Participate in incident response, change management, audits, and ongoing improvement efforts aligned to security and IAM objectives.
- Develop integration patterns with AWS to support authentication through LDAP or Kerberos.
- Encourage application teams to use Kerberos-based approaches where appropriate to improve authentication patterns.
Skills
- Hands-on experience administering Microsoft Active Directory in large, complex enterprise environments.
- Strong understanding of Active Directory security, delegation models, and privileged group management.
- Experience operating Active Directory within a broader IAM ecosystem.
- Proven troubleshooting skills across authentication, replication, DNS, lifecycle, and access-related issues.
- Experience working with AWS and Active Directory implementation options such as Managed AD or self-hosted solutions.
- Experience integrating Active Directory with identity governance or privileged access management platforms.
- Experience supporting global, multi-domain, or multi-region Active Directory environments.
Preferred Skills
- Experience creating standards, procedures, and operational documentation for identity services.
- Familiarity with secure access design and modernization initiatives in hybrid environments.
- Ability to work collaboratively across IAM, PAM, infrastructure, security, and application teams.
- Strong communication, problem-solving, and continuous-improvement mindset.
Horizontal is committed to building an inclusive workplace where diverse perspectives are valued, and every team member is supported and respected. We welcome candidates from all backgrounds and encourage applicants who bring unique experiences and ideas to apply.
By applying for this position, you acknowledge and agree that Horizontal Talent may contact you regarding your application using automated technology, including phone calls, SMS/text messages, or email, which may be delivered by our virtual AI recruiter, Alex.Horizontal is committed to taking affirmative action to employ and advance in employment qualified individuals with disabilities and protected veterans. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process or participate in the interview process, click here to request accommodation assistance.
All applicants applying must be legally authorized to work in the country of employment.