Job Description

XPO India Shared Services

Job Title: Lead Engineer, Active Directory

Reports to: Manager, Technology Infrastructure

Job Grade: Assigned by Comp.


Job Code:

FLSA Status: Exempt


FLSA Category, if Exempt: Assigned by Comp.


EEO Category: Assigned by Comp

Prepared By: Mark Sobczak

Date Approved: Entered by Comp.


Approved By: Entered by Comp.

GENERAL DESCRIPTION:


The Lead Engineer, Active Directory provides strategic and technical leadership in the design, implementation, and optimization of the enterprise Active Directory environment. This senior-level role ensures the stability, scalability, and security of the identity and access management services, aligning directory architecture with business needs and industry best practices. Responsibilities include review design of existing Active Directory environments, collaborating with cross-functional teams to deliver scalable and resilient identity solutions, leveraging automation and scripting, evaluating system performance, resolving complex issues, performing large-scale domain consolidations, and contributing to continuous improvement initiatives aligned with business needs.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

  • Design and maintain a highly available, secure, and scalable Active Directory systems, including forests, domains, and trusts

  • Develop long-term strategies for AD modernization, including cloud and hybrid identity integration (e.g., Azure AD, Entra ID)

  • Define and enforce Group Policy Objects (GPO) standards for authentication, password policies, and privileged access management

  • Implement and maintain AD-based activation, robust security controls for AD, including delegation models, RBAC, and auditing

  • Collaborate with security teams to ensure compliance with regulatory frameworks (e.g., SOX, HIPAA, PCI DSS)

  • Lead large-scale AD migrations, consolidations, and upgrades (e.g., forest/domain redesign, Windows Server upgrades)

  • Serve as the highest-level escalation point for complex directory issues and outages

  • Produce and maintain comprehensive architecture diagrams, policies, and operational documentation

  • Mentor and guide engineers and administrators on best practices for AD operations

    • SUPERVISORY RESPONSIBILITIES:

  • This Job has no supervisory responsibilities.

    • DECISION-MAKING RESPONSIBILITIES:

  • This Job has no decision-making responsibilities.

    • EDUCATION/EXPERIENCE:

  • Minimum Required Education: Bachelor’s degree or equivalent related work or military experience

  • Minimum Required Experience: 5 years of experience managing Active Directory environments

  • Desirable Education/Experience:
  • In-depth understanding of: AD Site component topology; Forest/Inter-Forest Operations and Topology; AADConnect; AD and Azure Environment Security; strong knowledge and experience with Group Policy management
    Expert Knowledge of AD on Windows Server 2016 and newer
    Strong experience with DNS management
    Strong experience with AD security policies and service accounts management
    Experience with CyberArk
    Experience with Saviynt Identity Manager
    Experience with VMWare environments
    Experience with Citrix Environments

    • CERTIFICATES AND LICENSES:


    Desireable Certifications

  • Microsoft Certified: Identity and Access Administrator Associate

  • Microsoft Certified: Windows Server Hybrid Adminstrator Associate

  • Microsoft Certified Solutions Expert (MCSE) or legacy MCSA

    • JOB RELATED COMPETENCIES:


    To perform the job successfully, an individual should demonstrate the following competencies:

  • Analytical Skills – Identifies and resolves problems
    Demonstrates attention to detail
    Identifies opportunities to increase accuracy and optimize resources and develops/recommends/implements solutions
    Strong aptitude for understanding and performing analysis of data, processes, policies, procedures and/or systems
  • Composes thorough and detailed written technical documentation, procedures, manuals, etc.
  • Communication Skills –
  • Writes clearly and informatively while editing work for spelling and grammar mistakes
    Presents organized and thorough information and data appropriate for intended audience
    Utilizes variety of interpersonal styles and communication methods to effectively adapt to new work structures, processes, or cultures
    Demonstrates group presentation skills and excellent negotiation skills to deal effectively with individuals and groups within and outside the organization
  • Time Management Skills –
  • Demonstrates follow-up skills
    Provides timely and professional support to all internal/external customers and vendors
    Prioritizes regular workload, special tasks and concurrent projects, allocating time and resources to ensure that work is completed accurately and efficiently within established time frame
  • Other – Self-motivated
    Team-oriented - Consults with Team members and management as needed to complete assigned responsibilities
    Works with minimal supervision
    Establishes and maintains effective, collaborative work relationships both internally and externally
    Maintains strict confidentiality

    • Technical Competencies:

  • Deep expertise in Active Directory architecture, security and replication
    Strong knowledge of DNS, DHCP, PKI, Kerberos, LDAP, and federation technologies (ADFS, SAML, OAuth)
    Experience with Azure AD/Entra ID, cloud integrations, and identity governance
    Excellent analytical, problem-solving, and project management skills
    Effective communication and leadership abilities to influence technical and non-technical stakeholders

    • WORK ENVIRONMENT & PHYSICAL DEMANDS:

  • Work Space Office / cubicle workspace with moderate noise level
    Hybrid

  • Hours of Work/Travel Extended hours including weekends
    Hours vary to cover nights and weekends, early mornings and evenings
    Provide on-call or after-hours support during maintenance windows, emergencies/outages, or system upgrades

  • Physical Activity Able to lift up to 50 pounds
    Spend extended periods at a computer workstation

    • XPO is an Equal Employment Opportunity Employer (M/F/V/H)

    Apply for this Position

    Ready to join ? Click the button below to submit your application.

    Submit Application