REMOTE!! Active Directory Infrastructure Engineer (NERC CIP Compliant SME)

Trail Blazer Consulting LLC
  • Finance
  • Applications have closed

Job title: Active Directory Infrastructure Engineer

Location: Remote

Interview mode: Virtual

Duration: 6+ Months

Active Directory Infrastructure Engineer (NERC CIP Compliant SME)

++Overview:++

We are seeking senior infrastructure engineers with deep expertise in Microsoft Active Directory design and deployment within regulated environments. These resources will architect, build, and configure 8 new on-premises Active Directory domains supporting real-time operational systems in compliance with NERC CIP standards. Candidates must combine technical mastery of AD with knowledge of regulatory controls, audit readiness, and secure architecture.

++Responsibilities:++

  • Architect and deploy 8 new AD domains in compliance with NERC CIP controls.
  • Design and configure trust relationships, DNS, and replication to enable secure inter-domain communication.
  • Implement least-privilege access, role-based delegation, and hardened GPO policies aligned with NERC CIP requirements.
  • Work closely with compliance, network, and security teams to validate configuration against CIP controls.
  • Develop and maintain audit documentation (policies, runbooks, change logs, baseline configs).
  • Provide evidence of compliance readiness (screenshots, logs, reports) as part of the project deliverables.
  • Ensure AD monitoring, logging, and retention meet regulatory mandates.
  • Deliver knowledge transfer and training to internal staff to maintain compliance post-deployment.

++Required Skills:++

  • 7-10 years enterprise IT infrastructure experience.
  • SME-level Microsoft Active Directory knowledge (domain creation, forests, trusts, DNS, replication).
  • Experience deploying AD in regulated industries (energy, financial, healthcare).
  • Strong knowledge of NERC CIP standards (CIP-005, CIP-007, CIP-010, CIP-011 especially).
  • Familiarity with access control methods: MFA, privileged account management, secure password policies.
  • Windows Server 2016/2019/2022 enterprise environments.
  • PowerShell scripting for automation and compliance evidence gathering.
  • Strong troubleshooting skills across DNS, Kerberos, authentication, and replication.

++Preferred:++

  • Prior direct experience in utility OT/ICS environments.
  • Integration with SIEM and logging solutions (Splunk, QRadar, Sentinel).
  • VMware/Hyper-V infrastructure familiarity.
  • PKI/Certificate Services design and management.
  • Audit prep experience with regulators.