Job Description
Key/Major Activities Core AD Management
Manage and support Active Directory Domain Services (AD DS) in multi-domain/multi-forest environments Perform forest/domain design, schema management, and trust relationships Handle Group Policy design, deployment, and troubleshooting L3/L4 Support & Troubleshooting Act as escalation point for complex AD issues (replication, authentication, DNS, Kerberos) Perform root cause analysis (RCA) and implement permanent fixes Troubleshoot: o AD replication failures o GPO inconsistencies o Login/authentication issues o Domain controller performance Infrastructure & Core Services Manage: o Domain Controllers (physical/virtual/cloud) o DNS (integrated with AD) o DHCP integration (if applicable) Perform AD health checks and audits Security & Compliance Implement AD security best practices: o Tiered administration model o Privileged access management (PAM) o Secure domain controllers Manage: o Security groups o Delegation models o Access controls Directory Services Enhancements Support hybrid identity: o Azure AD / Entra ID integration o Azure AD Connect Implement: o SSO (Single Sign-On) o MFA integrations Automation & Optimization Develop automation using: o PowerShell scripting Improve system reliability and reduce manual interventions Change & Incident Management Participate in: o CAB meetings o Change implementation Maintain documentation, SOPs, and runbooks Technical Skills Must-Have Skills Strong expertise in: o Active Directory (AD DS) o Group Policy o DNS (Windows-based) Deep understanding of: o AD replication o Kerberos authentication o LDAP Advanced Skills (L4 Expectation) AD Forest/Domain migrations Disaster recovery for AD (authoritative/non-authoritative restore) AD site topology design Security hardening (CIS benchmarks preferred) Good to Have Azure AD / Entra ID Azure AD Connect Identity Federation (ADFS) M365 Identity integration Certificates (AD CS) SCCM / Intune integration Tools & Technologies PowerShell scripting Active Directory Administrative Center AD Replication tools (repadmin, dcdiag) DNS Manager Monitoring tools Microsoft Certifications (one or more): SC-300 Identity & Access Administrator AZ-305 / AZ-104 AZ-800 & AZ-801 MS-102 (Microsoft 365 Administrator) ITIL Certified Legacy but valuable: MCSE: Identity / Server Infrastructure Experience in large enterprise-scale environments Experience with Red Forest / hardened identity models. Knowledge of PKI, certificates, and MFA systems. Automation and Scripting Monitoring and Reporting Maintain highly available AD infrastructure with minimal downtime. Ensure zero-impact forest/domain upgrades and migrations. Resolve P1/P2 tickets within SLA. Automate repetitive tasksreduce manual interventions by 4060%. Conduct monthly AD health and security reports. Implement secure baselines and eliminate high-risk findings. Optional Add-ons (Customize if needed) On-call / 24x7 support requirement Shift-based support Global infrastructure support Behavioural Skills High availability and performance of AD services Zero/Minimal unplanned downtime Timely resolution of L3/L4 incidents Secure and compliant AD infrastructure Ability to lead crisis troubleshooting and restore services quickly. Strong documentation, architecture diagramming, and SOP creation. Cross-team collaboration (Security, Network, Apps, Cloud). Mentorship for junior engineers. Ability to handle on-call rotation and critical outages. Strong analytical and problem-solving mindset.About Company
Tata Communications is a digital ecosystem enabler that powers today’s fast-growing digital economy. We enable the digital transformation of enterprises globally, including 300 of the Fortune 500. We carry around 30% of the world’s internet routes and connects businesses to 60% of the world’s cloud giants.
We have been a part of the rich heritage of the internet in India. Over the last 25 years, enterprise-enabled services have been essential to the adoption of digital services in the country. Connectivity is an essential fabric of sustenance for the economy. We are committed to enabling Industry leaders in this New World of Communications™, with our unique promise of delivering secure connected digital experiences.
In 2020, we announced the launch of ‘Secure Connected Digital Experience’ (SCDx), a proposition intended to meet this growing, worldwide demand for new ways of operating, which includes far higher levels of working from home, rising security risks, a shift to digital commerce, and more contactless experiences. It will help companies currently relying on short-term fixes by providing holistic, secure, enterprise-level digital solutions that address current challenges and are fit for the long term.
