System Engineer, Active Directory
Job Title:System Engineer, Active Directory
Activision Blizzard’s IT Enterprise Services division is looking for an experienced and
talented Active Directory engineer to join our Identity and Access Management Operations
team. The IAM Ops team is responsible for engineering and administration of the
applications and services which support identity management along with on-prem and cloud
This role augments our team of System Engineers responsible for Microsoft Active
Directory/Azure AD (AD/AAD) services across the Activision, Blizzard, and King
organizations. The ideal candidate is well-versed in identity management principles and is
specifically experienced in designing, deploying, operating, and troubleshooting AD/AAD
implementations in a secure fashion and according to industry’s best practices. If you dream
about optimized OUs and delegations, spent a week getting your end-to-end replication
time down to a couple minutes, and converted all your service accounts to GMSAs, then we
want to hear from you!
A good System Engineer is a self-starter who watches for every area of improvement and
proactively drives new solutions to stay ahead of the company’s needs. Working directly
with our project management and other IT teams, this role will drive decisions which shape
our services for years to come. This role also works directly with our Information Security
team to review proposed configurations before implementing, and to address any issues
with existing infrastructure and resolve any issues with existing policies and configurations.
● Design, deploy, operate and optimize new and existing AD/AAD solutions and
● Leverage PowerShell and Azure Automation and other tools to standardize and
automate common tasks.
● Drive secure services toward Infrastructure as Code using tools like Powershell
● Provide guidance to AD/AAD integration teams and other administrators from across
● Monitor service health and improve monitoring toolkits for better service insight and
● Create documentation such as Standard Operating Procedures, Knowledge Base
articles, and Troubleshooting Guides which promote user and administrator
● Support our AD/AAD infrastructure during business hours and participate in an
on-call rotation providing 24/7 support.
● Support legacy auth configurations such as LDAP.
● Perform other related duties as assigned.
● Experience designing, deploying, and managing on premise Active Directory
in an enterprise environment.
● Experience using Powershell for automation of system and user
● Experience engineering new enterprise solutions from requirements
gathering through implementation, documentation, and operational handoff.
● Experience designing, deploying, and managing MS Group Policy Objects.
● Experience designing and managing Azure AD and Azure AD Connect
including, but not limited to Azure AD Connect upgrades, configuration changes,
enterprise applications, conditional access policies, Azure AD hardening, auditing
● Advanced knowledge of computer security systems, applications, procedures, and
● Expert knowledge of Windows Operating system and authentication mechanisms
used by Active Directory and Azure AD.
● Strong interpersonal and communication skills.
● Excellent English written and verbal communication skills.
● Willing to travel occasionally.
Bonus Points For
● A degree in computer science, Information Technology or related field.
● Relevant Microsoft Certifications.
● Experience with tools like Quest Recovery Manager for AD and GPOADmin.
● Experience troubleshooting PKI and AD’s use of it.
● Experience in administration of Office 365, Microsoft Partner Portal, Azure
infrastructure as a service.
● Experience with cross-tenant collaboration and guest identities in Azure AD.
● Experience with SAML and OIDC applications as it relates to Azure AD.
● Virtualization experience with VMware.
● Experience working in a DevOps environment, or knowledge of DevOps principles.
● Understanding of ITIL framework.
● Love for video games.