Directory Services Architect
Workplace: Sweden
Expires: September 7, 2025
Join Epical as a Directory Services Architect to lead the implementation of identity management solutions including Active Directory, federation, authentication, and authorization for identities and devices in complex, high-security environments. Leverage your expertise in Public Key Infrastructure and identity technologies to support secure and efficient digital identity management.
Main requirements:
  • At least 10 years of expert-level experience with Active Directory Domain Services (AD DS) including implementation, design, and securing.
  • Minimum 3 years designing and implementing Microsoft Legacy Tier Model or Enterprise Access Model with Privilege Access Workstations (PAWs).
  • At least 5 completed projects related to Active Directory Domain Services.
  • At least 3 projects since 2018 involving AD DS and security tier model implementations.
  • Minimum 3 years experience with Public Key Infrastructure (PKI) related to AD DS, including Smart Card or Yubikey authentication.
  • At least 3 years technical expertise in DNS.
  • Excellent knowledge of Windows Server and Windows Client, Group Policy, and advanced troubleshooting.
  • Good knowledge of authentication/authorization protocols such as NTLM, Kerberos, SAML, OAuth2, and OIDC.
  • Good knowledge of network segmentation, IPSec in Windows Firewall, domain and server isolation, and 802.1x.
  • Fluent English, speaking and writing.
Responsibilities:
  • Create technical designs based on customer requirements and demands.
  • Manage delivery of architectural and technical solutions ensuring practical implementation.
  • Stay updated on vulnerabilities and threats in the identity domain and mitigate them in design and implementation.
  • Collaborate at team level while driving own work and projects independently.
  • Keep abreast of industry trends and best practices regarding Directory Services and identity management.
  • Ensure customer deliveries meet security standards and regulatory requirements.
Required hard skills:
  • Active Directory Domain Services (AD DS) implementation and design.
  • Microsoft Legacy Tier Model or Enterprise Access Model design and implementation.
  • Public Key Infrastructure (PKI) related to AD DS.
  • DNS expertise.
  • Windows Server and Client administration.
  • Group Policy management.
  • Authentication and authorization protocols: NTLM, Kerberos, SAML, OAuth2, OIDC.
  • Network segmentation, IPSec, Windows Firewall configurations, and 802.1x.
Recommended hard skills:
  • Active Directory Certificate Services (AD CS) design, implementation, and troubleshooting.
  • Active Directory Federation Services (AD FS) expertise.
  • VMware Cloud Foundation (VCF) authentication and authorization components.
  • PowerShell and .NET Framework for identity and AD automation.
  • Experience with IAM solutions and Microsoft Entra ID.
  • Designing solutions in Operational Technology (OT) environments.
Soft skills:
  • Analytical skills.
  • Attention to detail.
  • Strong communication skills.
  • Curious and committed to continuous development and learning.
  • Adaptable to change.
Coding languages:
  • PowerShell
  • .NET
Frameworks:
  • .NET Framework
Operating systems:
  • Windows Server
  • Windows Client
Natural languages:
  • English (Proficient)
  • Swedish (Basic familiarity)
  • Finnish (Basic familiarity)
Cultural skills:
  • Ability to work remotely across Sweden and Finland.
  • Collaborative and proactive team player.
  • Committed to security and trust as core values.
Apply for this job
Apply here

You might also like: