Location: Visakhapatnam, India
Experience: 4–6 Years
Job Type: Full-Time
EISAI Global Digital Business Transformation (GDBT) Centre in Vizag is a global capability hub delivering high-quality IT services across EISAI regions. The centre engineers, secures, and operates cost-optimized global infrastructure platforms that support our human healthcare (HHC) mission.
As a Directory Services Engineer at EISAI GDBT, you will be responsible for the hands-on implementation, support, and optimization of enterprise identity platforms. You will work extensively with Active Directory, Microsoft Entra ID, and CyberArk PAM, ensuring secure, reliable, and compliant identity and privileged access operations in hybrid environments.
Directory & Identity Operations
Design, implement, and support Active Directory and Microsoft Entra ID environments, including hybrid identity configurations.
Manage domain and forest trusts, replication, site topology, and DNS dependencies.
Handle user-raised incidents related to directory services (slow logons, account lockouts, authentication failures).
Troubleshoot Active Directory replication, SYSVOL, site configuration, and GPO issues.
Work on incident, change, and problem tickets using ITSM tools for AD, Entra ID, PKI, and IAM services.
Troubleshoot account lockouts, Kerberos, and Windows authentication issues.
Perform system state backups, authoritative and non-authoritative restores, and AD disaster recovery.
Execute domain and forest migrations for small, medium, and large environments.
Entra ID & Security Controls
Configure and support Conditional Access, MFA, Identity Protection, and Privileged Identity Management (PIM).
Troubleshoot synchronization, authentication, and authorization issues in hybrid identity environments.
Support Entra Connect / Azure AD Connect operations and synchronization troubleshooting.
CyberArk Privileged Access Management
Integrate CyberArk PAM with Active Directory and Microsoft Entra ID, ensuring seamless privileged account lifecycle management.
Manage privileged credential discovery, vaulting, rotation, and access policies for service, admin, and application accounts.
Configure and support Just-in-Time (JIT) privileged access using CyberArk, aligned with Zero Trust and least-privilege principles.
Monitor and support privileged sessions using CyberArk PSM and session recording.
Troubleshoot CyberArk-related access, authentication, and policy enforcement issues.
PKI, Automation & Collaboration
Troubleshoot PKI and certificate services, including enrollment, renewal, and trust issues.
Automate recurring administrative tasks using PowerShell and scripting tools.
Collaborate with InfoSec, Compliance, Infrastructure, and Cloud teams to meet security and audit requirements.
Support audits by providing logs, access reviews, and technical evidence as required.
Strong hands-on experience with Active Directory, DNS, DHCP, Group Policy, and Microsoft Entra ID.
Solid understanding of Kerberos, SSPI, and Windows authentication mechanisms.
Hands-on experience with CyberArk Privileged Access Management (PAM).
Deep understanding of one of the M365 service like Exchange Online, SharePoint Online, Teams and etc
Experience managing privileged credentials, session monitoring, and JIT access.
Hands-on knowledge of PKI, certificates, and directory replication tools (Dcdiag, Repadmin, Replmon).
Proficiency in PowerShell scripting and automation.
Experience with Microsoft Defender for Identity, Azure Security Center, and compliance tools.
Basic understanding of Microsoft 365 Suite services like SharePoint, Teams, Exchange Online etc.
Experience with hybrid identity environments and Zero Trust security models.
Familiarity with SIEM tools and identity-related security auditing.
Exposure to Delinea, ADFS, or other IAM/PAM platforms.
Experience with Microsoft Identity Manager (MIM) is a plus.
Bachelor’s degree in computer science, Information Technology, or related field.
Microsoft Certified: Identity and Access Administrator Associate preferred.
Microsoft 365 Certified: Enterprise Administrator Expert preferred.
CyberArk certification is a strong plus.