What you will do
- Lead the administration and evolution of Microsoft Active Directory in a complex enterprise environment.
- Own Exchange and Exchange Hybrid (on-premises and Exchange Online), ensuring reliability, security, and seamless coexistence.
- Design, operate, and maintain Public Key Infrastructure (PKI), including certificate lifecycle management.
- Administer and develop Microsoft 365 / Entra ID identity services, roles, and access models.
- Implement and support ADFS / SSO and federation scenarios for internal and external applications.
- Ensure secure access control, authentication, and authorization across platforms.
- Collaborate with network, platform, and application teams on identity-related integrations.
- Drive continuous improvement of identity and messaging architectures and operational practices.
Qualifications and experience needed
- Strong hands-on expertise in Active Directory (architecture, trusts, GPO, troubleshooting).
- Proven experience with Exchange (on-prem) and Exchange Hybrid.
- Solid practical experience with PKI (Root/Issuing CAs, templates, CRL/OCSP).
- Production experience with Microsoft 365 / Entra ID in hybrid environments.
- Practical knowledge of ADFS / SSO, federation, and claims-based authentication.
- Strong Windows Server background in enterprise environments.
- Ability to work independently, take ownership, and act as a technical lead.
- English proficiency: Intermediate or higher.
What we offer
- Office or remote — it's up to you.
- Remote onboarding.
- Performance bonuses for everyone (annual or quarterly — depends on the role).
- We train employees: the opportunity to learn through the company’s own library, internal resources and programs from partners.
- Health and life insurance.
- Wellbeing program and corporate psychologist.
- Reimbursement of expenses for Kyivstar mobile communication.