Key responsibilities (daily)
Administration and operation of Active Directory (on-premises) and Entra ID (Azure AD), including hybrid synchronisation
Management of user accounts, groups, roles and access rights in accordance with the principle of least privilege
Troubleshooting and incident handling relating to identity and authentication issues
Monitoring of directory services: performance, replication, health status
The focus is on stable operation, targeted development and effective troubleshooting – not on ongoing project or migration work.
Strategic tasks (regular)
Further development of our IAM policies and access controls
(RBAC, PAM, Conditional Access)
Ensuring compliance and regulatory requirements
(GDPR, ISO 27001, internal policies)
Contributing to the further development of our M365 environment
(Exchange Online, Intune, Teams)
Developing and maintaining automation scripts (PowerShell) for lifecycle processes
Backup and disaster recovery procedures for directory services
Collaboration
Close coordination with the Network, Security and Cloud teams, as well as with
application owners
Stakeholder communication regarding changes to access rights and identity processes
Architectural decisions and central security governance are the responsibility of specialised teams; this role implements them operationally.