Security Engineer-Active Directory UNIMORPH CONSULTING LLP

About UNIMORPH CONSULTING LLP

Job Description

As a Hiring Partner we are hiring Active Directory Security Engineer this is direct and full time with the hiring organization.

interested candidates can share word format resume with ctc and np details at : info@unimorphtech.com

Role : Active Directory Security Engineer
Exoerience : 8-12 Yrs
Location : Chennai

We are seeking an expert-level Active Directory Security Engineer with extensive experience in securing both on-premises Active Directory and Microsoft Entra ID (Azure AD). The role is responsible for implementing hardening measures, monitoring security, and defending the environment against sophisticated cyber threats, including malicious hackers and ransomware attacks. The ideal candidate will work to ensure that the Active Directory infrastructure remains robust, secure, and compliant with organizational and regulatory standards.

# As the AD Security Engineer, key responsibilities include:

• Lead the hardening of Active Directory environments, implementing best practices and security baselines.
• Develop and enforce policies for privileged access management, least privilege, and role-based access control (RBAC).
• Monitor and respond to security incidents targeting Active Directory and Entra ID.
• Implement and manage Advanced Threat Analytics (ATA), Microsoft Defender for Identity, and other monitoring tools to detect suspicious activities.
• Proactively assess vulnerabilities and patch weaknesses in AD configurations.
• Conduct Active Directory security audits and penetration tests, identifying and mitigating risks.
• Implement tiered administrative models and enforce secure administrative practices.
• Design and manage Conditional Access Policies, Identity Protection, and Access Reviews in Microsoft Entra ID.
• Collaborate with the SOC and Incident Response teams to investigate and mitigate attacks targeting AD, such as pass-the-hash, golden ticket, and DCSync.
• Stay ahead of evolving threats, ensuring proactive defense against red team and advanced persistent threats (APTs).

Experience :

• 7+ years of hands-on experience managing and securing on-premises Active Directory and Microsoft Entra ID.
• Expert-level knowledge of LDAP, Kerberos, NTLM, and authentication protocols.
• Proficiency in securing hybrid environments and tools such as AD Connect.
• Deep understanding of red team attack vectors, including credential theft, lateral movement, and persistence mechanisms.
• Hands-on experience with security tools such as Sysinternals, BloodHound, PingCastle, and Purple Knight.
• Advanced skills in PowerShell scripting for security automation and hardening.
• Strong knowledge of regulatory compliance standards such as NIST, CIS, GDPR, and SOX.
• Strong analytical and critical-thinking abilities.
• Excellent communication and collaboration skills, with experience working with technical and non-technical teams.
• Ability to work under pressure and manage competing priorities.

# PREFERRED CERTIFICATIONS

• Microsoft Certified: Cybersecurity Architect Expert
• Certified Information Systems Security Professional (CISSP)
• GIAC Certified Windows Security Administrator (GCWN)
• Offensive Security Certified Professional (OSCP)
•