Jobs via Dice
1 day ago Be among the first 25 applicants
Dice is the leading career destination for tech experts at every stage of their careers. Our client, New York Technology Partners, is seeking the following. Apply via Dice today!
Job Summary:
We are seeking a senior consultant to assess, remediate, and optimize our
Active Directory (AD DS)
estate in a
hybrid
configuration with
Microsoft Entra ID . The engagement covers
AD design and health ,
replication between sites ,
DNS/DHCP ,
Active Directory Certificate Services (AD CS/CA) ,
comanagement (ConfigMgr + Intune) , and security hardening. You will lead a focused review, define an action plan with clear priorities, and
execute
the agreed remediations in partnership with an assigned internal team.
Key Responsibilities
Currentstate assessment: Document AD forest/domain topology, sites/subnets, trust model, FSMO placement, replication health, SYSVOL (DFSR), and GPO landscape; evaluate hybrid identity (Entra Connect/Cloud Sync, PHS/PTA, Seamless SSO, Hybrid/Azure AD Join). Stability & performance: Improve intersite replication, site design, and logon performance; rationalize GPOs; standardize DC build/patch/baseline; ensure time/NTFS/DFS settings are correct. Core services: Review and optimize DNS (forwarders, scavenging, splitbrain, conditional forwarding), DHCP (failover, reservations, authorization), and AD CS (PKI hierarchy, CRL/OCSP, key rollovers, certificate templates). Hybrid & comanagement: Validate Intune/ConfigMgr comanagement boundaries and device join, certificate delivery, and policy conflicts; recommend workload split and device compliance improvements. Security & governance: Implement tiering/leastprivilege, PIM/PAM patterns, admin tier separation, LAPS/Windows LAPS, service account hardening, audit/monitoring, backup & forest recovery readiness. Remediation plan & delivery: Produce a prioritized backlog with risks, effort, dependencies, and rollback; execute changes via change control with our internal team; provide runbooks and knowledge transfer. Documentation & handover: Deliver updated asbuilt, standards, and SOPs; train operations on monitoring (dcdiag/repadmin/Eventing), backup/restore drills, and ongoing hygiene.
Required Qualifications
10+ years deep experience designing and remediating enterprise AD across multisite environments, including hybrid identity with Microsoft Entra. Proven track record delivering assessplanfix engagements for AD, DNS/DHCP, and AD CS in regulated/global organizations. Handson expertise with: Windows Server (2016/2019/2022) DCs; Entra Connect/Cloud Sync; Hybrid/Azure AD Join; DFSR/SYSVOL; Group Policy refactoring; DHCP failover; PKI operations. Strong security background (tiered admin model, privileged access, GPO security baselines, backup & forest recovery). Excellent stakeholder communication; ability to lead mixed vendor/internal teams and land changes through formal change management.
Preferred / Nice To Have
Relevant Microsoft certifications (e.g., Windows Server Hybrid Administrator Associate AZ800/801; Identity & Access Administrator SC300) and/or CISSP. Experience stabilizing comanagement (Microsoft Intune + Configuration Manager), Autopilot, device compliance, and certificate delivery to clients. Familiarity with monitoring/automation (PowerShell/Desired State Configuration), and with audit/compliance needs (e.g., GDPR, SOX) in identity platforms.
Deliverables & Success Measures
Assessment report with heatmap of risks and quickwins vs. strategic items. Remediation backlog & roadmap, including dependencies, test/rollback plans, and acceptance criteria. Executed stabilization and hardening actions (e.g., replication errors to zero, GPO drift reduced, PKI CRL/OCSP health, DHCP failover verified). Operational runbooks and knowledge transfer sessions; updated architecture and SOPs. Demonstrable improvement in AD/Hybrid identity health KPIs (replication, logon, join/compliance, certificate issuance), incident reduction, and audit readiness.
Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Consulting, Information Technology, and Sales Industries Software Development Referrals increase your chances of interviewing at Jobs via Dice by 2x Get notified about new Consultant jobs in
Exton, PA . Consultant - Primary Market Research (Remote)
Montgomery County, PA $65,100.00-$80,000.00 1 day ago Sr. Enterprise Continuous Improvement Consultant
Radnor, PA $93,300.00-$169,700.00 2 days ago Contamination Control Risk Assessment & Strategy Consultant
SuccessFactors Payroll Tips Consultant - 100% Remote
Villanova, PA $64,000.00-$80,000.00 3 weeks ago Wilmington, DE $55,000.00-$127,400.00 3 months ago Clinical Implementation Consultant (REMOTE)
Malvern, PA $86,700.00-$130,000.00 1 week ago Business transformation, Healthcare Provider Operations -Senior
Philadelphia, PA $96,300.00-$176,500.00 19 hours ago SALES CONSULTANT – MINI OF THE MAIN LINE Join the Top MINI Dealership in the Tri-State Area!
Bala-Cynwyd, PA $50,000.00-$175,000.00 6 days ago Sales Operations Business Partner Senior Specialist
Newtown Square, PA $128,253.00-$170,000.00 3 weeks ago West Chester, PA $100,000.00-$173,500.00 1 week ago Omni- Junior Trader- Associate / Sr. Associate
Wilmington, DE $160,000.00-$240,000.00 3 days ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Job Summary:
We are seeking a senior consultant to assess, remediate, and optimize our
Active Directory (AD DS)
estate in a
hybrid
configuration with
Microsoft Entra ID . The engagement covers
AD design and health ,
replication between sites ,
DNS/DHCP ,
Active Directory Certificate Services (AD CS/CA) ,
comanagement (ConfigMgr + Intune) , and security hardening. You will lead a focused review, define an action plan with clear priorities, and
execute
the agreed remediations in partnership with an assigned internal team.
Key Responsibilities
Currentstate assessment: Document AD forest/domain topology, sites/subnets, trust model, FSMO placement, replication health, SYSVOL (DFSR), and GPO landscape; evaluate hybrid identity (Entra Connect/Cloud Sync, PHS/PTA, Seamless SSO, Hybrid/Azure AD Join). Stability & performance: Improve intersite replication, site design, and logon performance; rationalize GPOs; standardize DC build/patch/baseline; ensure time/NTFS/DFS settings are correct. Core services: Review and optimize DNS (forwarders, scavenging, splitbrain, conditional forwarding), DHCP (failover, reservations, authorization), and AD CS (PKI hierarchy, CRL/OCSP, key rollovers, certificate templates). Hybrid & comanagement: Validate Intune/ConfigMgr comanagement boundaries and device join, certificate delivery, and policy conflicts; recommend workload split and device compliance improvements. Security & governance: Implement tiering/leastprivilege, PIM/PAM patterns, admin tier separation, LAPS/Windows LAPS, service account hardening, audit/monitoring, backup & forest recovery readiness. Remediation plan & delivery: Produce a prioritized backlog with risks, effort, dependencies, and rollback; execute changes via change control with our internal team; provide runbooks and knowledge transfer. Documentation & handover: Deliver updated asbuilt, standards, and SOPs; train operations on monitoring (dcdiag/repadmin/Eventing), backup/restore drills, and ongoing hygiene.
Required Qualifications
10+ years deep experience designing and remediating enterprise AD across multisite environments, including hybrid identity with Microsoft Entra. Proven track record delivering assessplanfix engagements for AD, DNS/DHCP, and AD CS in regulated/global organizations. Handson expertise with: Windows Server (2016/2019/2022) DCs; Entra Connect/Cloud Sync; Hybrid/Azure AD Join; DFSR/SYSVOL; Group Policy refactoring; DHCP failover; PKI operations. Strong security background (tiered admin model, privileged access, GPO security baselines, backup & forest recovery). Excellent stakeholder communication; ability to lead mixed vendor/internal teams and land changes through formal change management.
Preferred / Nice To Have
Relevant Microsoft certifications (e.g., Windows Server Hybrid Administrator Associate AZ800/801; Identity & Access Administrator SC300) and/or CISSP. Experience stabilizing comanagement (Microsoft Intune + Configuration Manager), Autopilot, device compliance, and certificate delivery to clients. Familiarity with monitoring/automation (PowerShell/Desired State Configuration), and with audit/compliance needs (e.g., GDPR, SOX) in identity platforms.
Deliverables & Success Measures
Assessment report with heatmap of risks and quickwins vs. strategic items. Remediation backlog & roadmap, including dependencies, test/rollback plans, and acceptance criteria. Executed stabilization and hardening actions (e.g., replication errors to zero, GPO drift reduced, PKI CRL/OCSP health, DHCP failover verified). Operational runbooks and knowledge transfer sessions; updated architecture and SOPs. Demonstrable improvement in AD/Hybrid identity health KPIs (replication, logon, join/compliance, certificate issuance), incident reduction, and audit readiness.
Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Consulting, Information Technology, and Sales Industries Software Development Referrals increase your chances of interviewing at Jobs via Dice by 2x Get notified about new Consultant jobs in
Exton, PA . Consultant - Primary Market Research (Remote)
Montgomery County, PA $65,100.00-$80,000.00 1 day ago Sr. Enterprise Continuous Improvement Consultant
Radnor, PA $93,300.00-$169,700.00 2 days ago Contamination Control Risk Assessment & Strategy Consultant
SuccessFactors Payroll Tips Consultant - 100% Remote
Villanova, PA $64,000.00-$80,000.00 3 weeks ago Wilmington, DE $55,000.00-$127,400.00 3 months ago Clinical Implementation Consultant (REMOTE)
Malvern, PA $86,700.00-$130,000.00 1 week ago Business transformation, Healthcare Provider Operations -Senior
Philadelphia, PA $96,300.00-$176,500.00 19 hours ago SALES CONSULTANT – MINI OF THE MAIN LINE Join the Top MINI Dealership in the Tri-State Area!
Bala-Cynwyd, PA $50,000.00-$175,000.00 6 days ago Sales Operations Business Partner Senior Specialist
Newtown Square, PA $128,253.00-$170,000.00 3 weeks ago West Chester, PA $100,000.00-$173,500.00 1 week ago Omni- Junior Trader- Associate / Sr. Associate
Wilmington, DE $160,000.00-$240,000.00 3 days ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr