Our experienced team is always available to assist you with your global inspection and analysis requirements.


Senior Active Directory Engineer

What is on offer?

We have an excellent opportunity for a Senior Active Delivery engineer to join our IT Infrastructure team based in our Global Headquarters in Prescot. Reporting directly to the Head of Infrastructure, the Senior Active Directory Engineer will provide support, implementation, and design services for Microsoft Active Directory and Windows-based systems across the enterprise, including directory and identity management solutions. Resolve and appropriately complete assigned cases and change requests and act as an escalation for support issues.

Apply new solutions through research and collaboration with the team and determine a course of action for new application initiatives. Implements new software solutions as required by the Business. The core infrastructure technology duties include enterprise Microsoft Active Directory, DNS, PKI (CA), and Windows file services architecture creation and management, global system security and policy configuration, and top-level support for enterprise-wide initiatives.



About us

Alfred H Knight is a totally independent, family owned business spanning five generations. A global network of strategically placed offices and laboratories enable global trade by providing independent inspection, analysis and consultancy services to the metals and minerals and solid fuels industries.

We have honed & carefully crafted our reputation. Delivering knowledge and professionalism in all aspects of weighing, sampling and analysis. We thrive by continuing to re-invest in our facilities, technology and people. Click here to find out more about AHK.



Do you have what it takes?


  • Strong understanding of AD Attributes, LDAP Queries, PowerShell Scripting to Modify AD Attributes, Group Policy Analysis, GPO Configuration & Item-Level Targeting, Workstation Configurations, Browser Configuration Settings, familiarity with VMView and other Applications that integrate with Active Directory.
  • Strong knowledge of permissions that are granted natively to various Microsoft Built-In Groups to perform Active Directory Administrative Functions, knowledge of native permissions granted when building AD objects, knowledge of permissions granted natively to Built-In Groups via GPOs and/or Local Policies.
  • Thorough functional understanding and ability to configure Active Directory Server Roles (CAs, DNS, IIS, File/Print).
  • Working knowledge of GPOs, AD Sites, Replication Topology, and native AD troubleshooting tools.
  • Oversees and maintains the security and reliability of the corporate forest while ensuring the integrity of the AD schema.
  • The Active Directory Engineer will plan, support, implement and design a directory  synchronisation system for Microsoft Active Directory and Windows-based systems across the enterprise, including directory and identity management solutions.
  • Implementation of Business driven changes, Configuration of Group Policies and Integration of AD Management tools/services.
  • Analysis, design and implementation of Active Directory and Identity Management Solutions.
  • Independently manage and perform engineering lead role for large scale Active Directory and Identity Management projects.
  • Analyse current Active Directory environment to identify both technical and operational challenges and develop solutions for improvement.
  • Analysis, design, capacity planning and implementation of Active Directory Security.
  • Willing to work in a 24 x7 environment.
  • DC, AD patch management


Core Knowledge Requirements

  • 5+ years of experience with Active Directory, preferably in a large scale, ITIL environment
  • Experience with Windows Server (2012, 2016 or 2019)
  • Ability to create/manage Domain Services and Federation Services concepts and configuration including disaster recovery scenarios, managing security groups, delegation, OU structure, object types, and attributes;
  • In-depth knowledge of Kerberos (Microsoft and MIT/Heimdal) and NTLM authentication
  • Demonstrable experience with Microsoft technology including ADDS (knowledge of ADFS, Azure AD, CA, PKI)
  • Experience in Active Directory upgrades and migration projects
  • Human competencies: teamwork and multicultural awareness
  • Leadership skills: initiative, effective communication, ability to manage workload and meet deadlines



  • Degree in Computer Science or related discipline.
  • Microsoft certification (MCSA/MCSE Windows Server), Microsoft Certified: Windows Server Hybrid Administrator Associate, and / or Microsoft Certified Expert.


Desirable Knowledge Requirements

  • Experience with design and administration of VDI deployments in Citrix.
  • Experience with various Hypervisors including VMWare and Hyper-V.
  • Experience with management of non Windows AD joined devices.
  • Appreciation/knowledge/skills in C#, Python or JSON.
  • Red Team assessment exposure and interaction.
  • Administration and implementation of ADFS / SAMAL identity solutions for more than Microsoft Office 365.
  • Knowledge of networking within an enterprise environment.
  • Proven analytical and problem-solving abilities.
  • Ability to effectively prioritise and execute tasks in a high-pressure environment.


What are the benefits?

We are offering an excellent opportunity with a salary and benefits package to match including pension, life assurance and an employee assistance programme.

Apply Now