Microsoft Active Directory Architect at Avanciers
Montréal, QC, Canada
Full Time


Start Date

Immediate

Expiry Date

02 Sep, 25

Salary

0.0

Posted On

02 Jun, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Presentation Skills, IT Infrastructure, Security, Presentations, Authorization, Analytical Skills, Active Directory, Consolidation, Groups, Cloud Services, Computer Science, Business Systems, Directory Services, Authentication, Microsoft, NTLM, Executive Leadership, ADFS

Industry

Information Technology/IT

Description

Avanciers is seeking a highly skilled Microsoft Active Directory Architect to join our team for an exciting long-term contract with one of our esteemed Fortune 500 clients, based in Montreal, QC. This is a hybrid role, offering a blend of onsite collaboration and remote flexibility.

QUALIFICATIONS:

  • Bachelor’s degree in Computer Science, Information Systems, or related field (or equivalent experience).
  • 10+ years of experience in IT infrastructure, with 5+ years specifically in Active Directory architecture.
  • Proven track record in Active Directory / hybrid identity implementations and migrations, including AD Connect and Entra ID.
  • In-depth knowledge of Microsoft Active Directory (2008R2 to 2025).
  • Expertise in the design of delegation models and OU structures.
  • In-depth knowledge of AD security best practices. Solid understanding of LDAP, Kerberos, NTLM, SAML, OAuth, ADFS, PKI, etc.
  • Familiar with Privileged Access Management (PAM) and Identity Governance (IGA) tools (e.g., CyberArk, BeyondTrust).
  • Experience with multi-factor authentication (MFA) and Conditional Access Policies.
  • Understanding of cloud identity integration (Azure, AWS, GCP).

JOB SUMMARY:

We are seeking an experienced Senior Active Directory Architect to lead the design of our on-premises and hybrid identity infrastructure. This role is critical in shaping the future of identity and access services across our global enterprise landscape, ensuring security, scalability, and seamless integration with cloud services and business systems.

  • Architect and implement enterprise-level Active Directory solutions to support authentication, authorization, and directory services across a secure environment.
  • Design the logical structure (organizational units, accounts, groups, group strategies) that meets business and compliance requirements.
  • Elaborate a fine-grained delegation model based on the principle of least access (RBAC, AGDLP/AGUDLP).
  • Assess and reinforce access controls (ACLs, GPOs, privileged access groups).
  • Oversee hybrid identity integrations including Microsoft Entra ID and third-party platforms (e.g., Okta, Ping).
  • Lead migration, consolidation, or remediation strategy involving domain restructuring across legacy environments.
  • Manage AD replication topology, FSMO roles, DNS, DHCP, and domain controller placement.
  • Collaborate with Information Security and IT Governance teams to ensure adherence to compliance frameworks (e.g., NIST, ISO 27001, SOX).
  • Document architectural standards, naming convention schemas, solution diagrams, and configuration baselines.
  • Guide design based on future state technology from Microsoft and other key vendors.

KEY SKILLS:

  • Excellent architectural documentation and presentation skills.
  • Strong cross-functional leadership and stakeholder communication, including presentations to executive leadership.
  • Ability to work effectively in global, multi-domain, and complex IT environments.
  • Comfortable exercising judgment and using analytical skills in ambiguous situations.
  • Problem-solver with a strategic and security-first mindset.
  • Experience in M&A IT integration/divestiture projects (optional but valued).
  • Excellent communication skills (oral and written) in both official languages.

:

  • Microsoft Certified: Identity and Access Administrator (SC-300)
  • Microsoft Certified: Azure Solutions Architect Expert
  • MCSE: Core Infrastructure