[Remote] Active Directory Federation Service Customer Engineer
Note: The job is a remote job and is open to candidates in USA. JDA TSG equips major brands with specialized talent and business-process expertise. They are seeking an Active Directory Federation Service Customer Engineer to guide Fortune-1000 enterprises in achieving a secure identity posture across hybrid and cloud environments.
Responsibilities
- Active Directory Federation Services Assessment Onboarding Accelerator
- Migrate and Protect Applications with Entra Architecture Service
- Migrate and Protect Applications with Entra Technical Blocker Mitigation
- Microsoft Active Directory Show Technical Ability
- Microsoft Active Directory On-Demand Assessment
- Active Directory Security On-Demand Assessment - Active Directory
- Lead and execute ADFS-to-ADFS version migrations and server farm upgrades
- Migrate enterprise applications and service providers from ADFS to Entra ID
- Understand and assist in writing claims and Access Control Policies for Relying Party Trusts
- Understand and assist in transitioning Issuance Authorization Rules to Access Control Policies
- Understand and assist in setting up multifactor authentication providers for Relying Party Trusts
- Collaborate with architecture and security teams to ensure secure and compliant federation designs
- Perform troubleshooting of claims, authentication flows, and certificate-related issues
- Support certificate rollover processes and update relying party trust metadata
- Provide knowledge transfer and training to customer teams
- Act as a trusted advisor in federation and hybrid identity projects
- Understand multi-domain and forest design concepts
- Support authentication and trust planning
- Understand OU design and delegation strategies
- Work with Entra Connect and directory synchronization
- Use basic PowerShell for administration and automation tasks
- Troubleshoot replication and authentication issues
Skills
- 10 - 15+ years of hands-on experience in Active Directory
- 7 - 10 years of experience in design, deploy, and configure ADFS environments (2016/2019/2022/2025) for new and existing customers
- Lead and execute ADFS-to-ADFS version migrations and server farm upgrades
- Migrate enterprise applications and service providers from ADFS to Entra ID
- Understand and assist in writing claims and Access Control Policies for Relying Party Trusts
- Understand and assist in transitioning Issuance Authorization Rules to Access Control Policies
- Understand and assist in setting up multifactor authentication providers for Relying Party Trusts
- Collaborate with architecture and security teams to ensure secure and compliant federation designs
- Perform troubleshooting of claims, authentication flows, and certificate-related issues
- Support certificate rollover processes and update relying party trust metadata
- Provide knowledge transfer and training to customer teams
- Act as a trusted advisor in federation and hybrid identity projects
- Understand multi-domain and forest design concepts
- Support authentication and trust planning
- Understand OU design and delegation strategies
- Work with Entra Connect and directory synchronization
- Use basic PowerShell for administration and automation tasks
- Troubleshoot replication and authentication issues
- Familiarity with Entra ID licensing tiers (Free, P1, P2)
- Understand role-based access control (RBAC) concepts
- Knowledge of authentication models
- Basic understanding of device management concepts
- Experience syncing Active Directory identities
- Familiarity with Entra Password Protection
- Basic understanding of Active Directory Certificate Services (AD CS)
- Familiarity with Defender for Identity
- Understanding of Active Directory security principles
- Experience remediating security assessment findings
- Ability to tune audit policies
- Knowledge of event forwarding
- Understanding password policy best practices, including fine-grained password policies
- Experience applying security baselines
Company Overview