Cloud Solution Architect (CSA) – Active Directory, ADFS & MFA

Job Title:

Job Description

• Design and validate Active Directory Domain Services (AD DS) architectures, including single forest, multi forest, and multi domain environments

• Architect secure federation solutions using ADFS and guide customers through ADFS modernization and deprecation paths

• Design hybrid identity solutions integrating on prem AD with Microsoft Entra ID

• Ensure identity architectures align with Zero Trust and Microsoft security best practices

• Design, deploy, and configure ADFS (2016 / 2019 / 2022 / 2025) environments

• Lead ADFS farm upgrades, migrations, and high availability designs

• Support Relying Party Trusts, Claims Rules, and Access Control Policies

• Guide customers in migrating applications from ADFS to Microsoft Entra ID

• Collaborate with security teams to ensure secure federation designs

• Design and implement Multi Factor Authentication (MFA) solutions across:

• Assist customers with MFA provider integration, policy design, and enforcement

• Troubleshoot complex authentication failures (Kerberos, NTLM, claims based auth)

• Guide customers on conditional access and strong authentication strategies

• Remediate findings from Active Directory security assessments

• Advise on:

• Support identity hardening, audit policy tuning, and event monitoring

• Provide guidance on identity compromise recovery scenarios

• Troubleshoot:

• Guide customers on:

• Deliver structured Microsoft engagements (assessments, accelerators, workshops)

• Act as a trusted technical advisor to customer architects and leadership

• Collaborate with Account Teams, CSAMs, and Engineering to unblock customer scenarios

• Contribute to technical readiness, documentation, and internal knowledge sharing

• AD DS architecture and design

• Group Policy strategy and troubleshooting

• DNS integration and AD aware networking

• PowerShell scripting for identity automation

• Federation service design and HA

• Claims and Access Control Policies

• ADFS upgrade and migration strategies

• MFA design and enforcement

• Authentication flows (Kerberos, NTLM, claims)

• Hybrid identity synchronization

• 5+ years in enterprise identity or customer facing technical roles

• Strong experience with hybrid identity and identity security

• Microsoft certifications in Identity, Security, or Windows Server (preferred)

• Experience guiding customers through identity modernization journeys

Location:

Language Requirements:

Time Type: