Citi Group Senior Active Directory Integration Engineer VP/Hybrid 

Singapore, Singapore 

516282646

As a senior engineer, you will be responsible for the build and integration of multi-domain, multi-regional Active Directory services, driving infrastructure migration, and coordinating tech refresh projects. You will be reporting to the Regional Manager and be part of a Global team of Active Directory integration engineers.

• Build and deploy solutions to support a global Identity management system that includes Active Directory, Azure Active Directory, and, multi-factor authentication.

• Manage Active Directory migration projects, including planning, execution, and testing.

• Coordinate tech refresh projects, including planning, execution, and testing.

• Ensure Active Directory security, group policy, and compliance.

• Troubleshoot Active Directory issues and perform root cause analysis to ensure timely resolution.

• Collaborate with cross-functional teams to ensure seamless integration.

• Develop and maintain documentation of Active Directory infrastructure and processes.

• Function as an Infrastructure Subject Matter Expert (SME) for the infrastructure under your responsibility

• Coordinate with Operations teams to perform post-deployment testing of solutions in individual environments.

• Engage with strategic vendors, external to the organization, to investigate problems and understand product functionality, influence enhancements and roadmap as required to meet organizational goals.

• Lead initiatives to develop/enhance tools for system monitoring and maintenance improvements.

• Risk and Compliance – Partner closely with other infrastructure teams to build systemic process that help maintain Citi’s system desired state and enforce compliance.​

• Document resolutions in knowledge base tools.

• 10+ years’ experience in building and/or supporting enterprise application infrastructure preferably in a global financial services organization.

• At least 5+ years’ experience in one or more of the following:

  • Multi-forest, multi-domain on-premises enterprise Active Directory integration, migration, and deployment

  • Microsoft Azure Active Directory integration

  • Microsoft Office 365 integration

• Experience in one or more of the following:

  • Azure Active Directory Connect

  • Pass-Thru Authentication (PTA)/Password hash Sync (PHS)

  • Azure/Azure AD Role Based Access Control (RBAC) & Azure Privileged Identity Management (PIM)

  • Azure Multi-Factor Authentication (MFA)

  • Licensing & Conditional Access Policies

  • Express Routes

  • Azure subscriptions & resource groups

  • AD Kerberos and LDAP

• Good understanding of AD architecture, design, and implementation

• Good understanding of AD security, group policy, and troubleshooting

• Proficiency in AD migration tools and techniques (e.g., ADMT, Quest)

• Experience in coordinating and driving tech refresh projects.

• Strong problem-solving skills and attention to detail.

• Solid project management skills and able to track and report multiple projects at the same time.

• Experience in writing and evaluating technical and functional documents/requirements.

• Excellent communication and collaboration skills

• Knowledge of PowerShell scripting and automation

• Familiarity with other directory services (e.g., LDAP, Novell)

• Experience with identity management and access control concepts

• Certification in Microsoft Active Directory (e.g., MCSA, MCSE)

• Experience with IT service management frameworks (e.g., ITIL)

Time Type:

View the " " poster. View the .

View the .

View the