Job Description

Senior Active Directory Engineer (Enterprise Security & Architecture)

• Date Posted Feb 13, 2026
• Location Toronto, ON
• Job Type Contract
• Job ID 19251

Are You an Experienced Active Directory Engineer Looking for Your Next Challenge? Apply Now!
Working with one of our top financial clients, this role calls for a Senior Active Directory Engineer (Enterprise Security & Architecture) to join our client's Identity Services team to lead critical infrastructure initiatives, focusing on the review, remediation, and security hardening of our on-premises Active Directory environment. This is an excellent opportunity for a seasoned professional to leverage their expertise in a dynamic, fast-paced setting.
Responsibilities

• Assess, remediate, and optimize Active Directory forest and domain configurations
• Design, implement, and manage forest and domain trusts, including external, parent-child, and filtered trusts
• Develop and oversee Group Policy Objects (GPO) and authentication policies to enforce security controls
• Apply advanced security measures for privileged access, service accounts (including gMSA), and functional accounts
• Harden domain controllers and Tier 0 servers following security best practices
• Audit and remediate directory object permissions to follow least privilege principles
• Manage Kerberos protocol settings, ticket lifetimes, and mitigate risks such as Kerberoasting and Golden/Silver Ticket attacks
• Review and restrict NTLM protocol usage, implement modern authentication protocols, and disable legacy authentication where feasible
• Support implementation of authentication enhancements such as Protected Users, authentication policies, and credential caching controls
• Provide third-level support for Active Directory incidents, including replication failures, authentication issues, and security breaches
• Utilize diagnostic tools (e.g., repadmin, dcdiag, event logs) to monitor AD health and troubleshoot infrastructure issues
• Collaborate with security and infrastructure teams to respond to vulnerabilities and audit findings
• Serve as a subject matter expert for Active Directory-related projects, migrations, and integrations
• Advise on directory design, trust architecture, and integration with identity management platforms
• Document technical solutions, remediation activities, and operational procedures

Desired Skill-Set

• 7+ years of hands-on experience with large-scale, multi-domain, and multi-forest Active Directory environments
• Deep understanding of AD architecture, including replication, sites and services, and trust relationships
• Extensive experience with authentication protocols (LDAP, Kerberos), ticket management, and protocol security
• Proven expertise in GPO design and deployment, privileged access management, and security hardening
• Strong background in incident response, remediation of misconfigurations, and directory security practices
• Familiarity with monitoring, network capture, and security assessment tools
• Excellent written and verbal communication skills
• Ability to work effectively with cross-functional teams and external partners

Nice to Have

• Advanced PowerShell scripting for automation and management tasks
• Experience managing service accounts, including gMSA, credential protection, and identity lifecycle
• Knowledge of integration with identity management platforms and related migration projects

BeachHead is an equal opportunity agency and employer. We advocate for our candidates and welcome applicants regardless of race, color, religion, national origin, sex, age, or physical or mental disability. BeachHead or our clients may use technology-enabled tools, including automation and artificial intelligence (AI), to support parts of the recruitment process such as resume screening, application management, and candidate matching. These tools assist our recruiters and our clients, and do not replace human decision-making. This job posting represents a current or anticipated vacancy. The position may be filled at any time, and the posting may be removed without notice once the role has been filled.
First Name:
Last Name:
Email Address:
Phone Number:
Upload Resume File:
Upload Resume File:...
Attach a Resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.
Upload Additional document
Upload Additional document...
Attach an additional file, if applicable. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

• By submitting this application, you consent to the collection, use, and disclosure of your personal information in connection with your current application or any future opportunities that match your skill sets.

• By submitting this application, you agree to our Terms of Service.

People looking for jobs should not put anything here.
We are uploading your application. It may take a few moments to read your resume. Please wait!
Get Job Alerts
Get an email when a new job in your field or area is posted to Beach Head.
Search All Jobs
Search our current job openings to find the right fit for you.
Key Word or Key Words
Search
Related Jobs

• Date Posted Feb 13, 2026
• Employment Type Contract
• Location Toronto, Ontario

• Date Posted Feb 13, 2026
• Employment Type Contract
• Location Toronto, ON

• Date Posted Feb 13, 2026
• Employment Type Contract
• Location Toronto, Ontario

• Date Posted Feb 12, 2026
• Employment Type Contract
• Location Toronto, ON

• Date Posted Feb 12, 2026
• Employment Type Contract
• Location Toronto, ON

BeachHead Inc. 130 King Street West Suite 1900, PO BOX 427 Toronto, ON M5X 1E3
2026 , all rights reserved.
Subscribe to Job Alerts
First name
Last name
Email Address
Job Categories

• All
• Architect-Enterprise/Solution/Data/Application
• Architect-Network/Infrastructure
• Auditor
• Business
• Business Analyst
• Business Systems Analyst
• Business-Other
• Careers at BeachHead
• Change Management Consultant
• Communication Specialist
• Content Writer
• Data Analyst
• Data Scientist
• Database Admin-(SQL/Oracle/Hadoop/DB2)
• Designer-Learning and Development
• Designer-Solution
• Designer-UX/UI/Graphic
• DevOps Specialist
• Developer-.Net
• Developer-Other
• Developer-BI/SQL/SAS
• Developer-Java
• Developer-UX/UI/Graphic
• Financial Analyst
• HR-Admin/Recruiter/Learning and Development
• IT Security-Analyst/Engineer
• IT-Other
• Information Technology
• Machine Learning/AI Specialist
• Marketing/Business Development
• Middleware Specialist
• Network Admin/Engineer/Analyst
• PCO/Project Coordinator
• Program Manager-Business
• Program Manager-IT
• Project Manager-Business
• Project Manager-IT
• QA/UAT/Automation-Analyst/Tester
• QA-Manager/Lead
• Risk Analyst
• Salesforce-Admin/Developer
• Scrum Master/Agile Coach
• ServiceNow Admin/Developer
• System Admin-(Unix/Linux)/Windows
• Technical Writer

Job Locations

• All
• Calgary, Alberta
• Halifax, Nova Scotia
• LaSalle, Quebec
• Laval, Quebec
• London, Ontario
• Markham, Ontario
• Mississauga, Ontario
• Montreal, Quebec
• Ottawa, Ontario
• Regina, Saskatchewan
• Scarborough, Ontario
• Toronto, Ontario
• Vancouver, British Columbia

• By signing up for job alerts you consent to the collection, disclosure and use of your personal information to send you notifications of new jobs that match your interest.

Skills Required