All roles

Cloud Solution Architect (CSA) – Active Directory, ADFS & MFA

Remote · USA Full-time New today

Job Title: Cloud Solution Architect (CSA) – Active Directory, ADFS & MFA

Job Description

Cloud Solution Architect (CSA) – Active Directory, ADFS & MFA Role Summary The Cloud Solution Architect (CSA) for Active Directory (AD), Active Directory Federation Services (ADFS), and Multi Factor Authentication (MFA) is a customer facing technical leader responsible for guiding enterprise customers to a secure, resilient, and modern identity platform. The CSA acts as a trusted advisor, delivering proactive, outcome based engagements across on premises AD, hybrid identity, federation, and strong authentication. This role supports customers in modernizing identity, securing access, and transitioning from legacy federation to Microsoft Entra ID while maintaining operational excellence. ________________________________________

Key Responsibilities

Identity Architecture & Design

  • Design and validate Active Directory Domain Services (AD DS) architectures, including single forest, multi forest, and multi domain environments
  • Architect secure federation solutions using ADFS and guide customers through ADFS modernization and deprecation paths
  • Design hybrid identity solutions integrating on prem AD with Microsoft Entra ID
  • Ensure identity architectures align with Zero Trust and Microsoft security best practices

________________________________________ ADFS & Federation Services

  • Design, deploy, and configure ADFS (2016 / 2019 / 2022 / 2025) environments
  • Lead ADFS farm upgrades, migrations, and high availability designs
  • Support Relying Party Trusts, Claims Rules, and Access Control Policies
  • Guide customers in migrating applications from ADFS to Microsoft Entra ID
  • Collaborate with security teams to ensure secure federation designs

________________________________________ MFA & Secure Authentication

  • Design and implement Multi Factor Authentication (MFA) solutions across:

o ADFS protected applications o Hybrid and cloud identities

  • Assist customers with MFA provider integration, policy design, and enforcement
  • Troubleshoot complex authentication failures (Kerberos, NTLM, claims based auth)
  • Guide customers on conditional access and strong authentication strategies

________________________________________ Security, Hardening & Identity Protection

  • Remediate findings from Active Directory security assessments
  • Advise on:

o Privileged access models (Tiering) o Delegation and role separation o Secure administrative practices

  • Support identity hardening, audit policy tuning, and event monitoring
  • Provide guidance on identity compromise recovery scenarios

________________________________________ Operations, Recovery & Troubleshooting

  • Troubleshoot:

o AD replication and SYSVOL issues o Authentication and trust failures o Domain controller performance issues

  • Guide customers on:

o AD forest and object recovery o Patch management and change control o Upgrade planning and functional level raises ________________________________________ Customer Engagement & Delivery

  • Deliver structured Microsoft engagements (assessments, accelerators, workshops)
  • Act as a trusted technical advisor to customer architects and leadership
  • Collaborate with Account Teams, CSAMs, and Engineering to unblock customer scenarios
  • Contribute to technical readiness, documentation, and internal knowledge sharing

________________________________________ Required Technical Skills (300–400 Level) Active Directory

  • AD DS architecture and design
  • Group Policy strategy and troubleshooting
  • DNS integration and AD aware networking
  • PowerShell scripting for identity automation

ADFS

  • Federation service design and HA
  • Claims and Access Control Policies
  • ADFS upgrade and migration strategies

MFA & Identity Security

  • MFA design and enforcement
  • Authentication flows (Kerberos, NTLM, claims)
  • Hybrid identity synchronization

________________________________________

Preferred Qualifications

  • 5+ years in enterprise identity or customer facing technical roles
  • Strong experience with hybrid identity and identity security
  • Microsoft certifications in Identity, Security, or Windows Server (preferred)
  • Experience guiding customers through identity modernization journeys

Location: EGY Work-at-Home Language Requirements: Time Type: Full time Apply To This Job

Apply

Related roles

Medical Science Liaison, Neuropsychiatry (NYC)

Remote · USA Full-time

Momentum Training Specialist

Remote · USA Full-time

Senior Director, Healthcare Analytics - Value Based Contracting

Remote · USA Full-time

Marketing & Communications Specialist

Remote · USA Full-time

Director, Service Delivery

Remote · USA Full-time

Platform Professional Services Associate Consultant (Remote, CAN)

Remote · USA Full-time

Consulting: Manager, Marketing Data & Analytics

Remote · USA Full-time

Contract Development Specialist

Remote · USA Full-time

Licensing Executive - Microsoft

Remote · USA Full-time

Oncology Territory Manager, Solid Tumor - Jacksonville FL

Remote · USA Full-time

Account Supervisor, Professional Services

Remote · USA Full-time

Pampangan Interpreter

Remote · USA Full-time

Experienced Web Chat Representative – Customer Support and Service Excellence at arenaflex

Remote · USA Full-time

Experienced Customer Solution Agent – Delivering Exceptional Online Shopping Experiences

Remote · USA Full-time

Sales-Trainee (m/w/d) Finanzdienstleistung – leistungsbasiertes Einkommen (German Speaking)

Remote · USA Full-time

Full Stack Software Engineer

Remote · USA Full-time

Experienced Pharmacy Technician - Data Entry Specialist for arenaflex

Remote · USA Full-time

Azure Cloud Specialist (Terraform, AKS, Entra ID- 100% Remote/Contract-to-Hire)

Remote · USA Full-time

Registered Nurse (RN) | Work from home | $34/hr...

Remote · USA Full-time

Clinical Content Editor - PGY-1/Medical Students

Remote · USA Full-time