SENIOR INFRASTRUCTURE ARCHITECT (LLD)

Job Summary

We are seeking an experienced Senior Infrastructure LLD Architect to produce Low Level Design documentation for a large-scale banking infrastructure project. The engagement is remote, contract-based (2 months), and requires immediate availability. The candidate will work as part of a delivery team supporting a structured infrastructure rollout, covering Active Directory, Identity & Access Management, Endpoint Security, PKI, PAM, SIEM, Windows Infrastructure, Provisioning, and ITSM platforms within secure, highly available enterprise environments.

This is a delivery-focused role. Senior professionals only — 10+ years minimum.

Key Responsibilities

• Produce detailed Low Level Design (LLD) documents and architecture governance artifacts across assigned infrastructure domains.
• Design and implement Active Directory (AAA) architectures, including multi-forest environments, tenant isolation, RBAC, delegation models, and secure authentication.
• Architect and manage Microsoft Defender for Endpoint, Intune, endpoint hardening, EDR, vulnerability management, and security compliance.
• Design and maintain Group Policies (GPOs), security baselines, and endpoint configuration standards.
• Implement Network Policy Services (NPS) and secure 802.1X authentication solutions using RADIUS and EAP-TLS.
• Design and manage Microsoft PKI (AD CS), including Offline Root CA, Issuing CAs, certificate lifecycle management, CRL, and OCSP.
• Support core Microsoft infrastructure services including DNS, DHCP, NTP, DFS, WSUS, File Services, and Bastion Hosts.
• Design and implement One Identity Safeguard PAM solutions including password vaulting, session management, privileged access governance, and JIT access.
• Architect and manage Splunk SIEM platforms, including log ingestion, indexing, clustering, monitoring, and security analytics.
• Design and support MECM/SCCM provisioning and operating system deployment solutions.
• Develop and optimize ServiceNow Incident Management workflows, integrations, CMDB, SLAs, and escalation processes.

Requirements

• Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or related field.
• 10+ years of experience in Microsoft infrastructure, security, and enterprise architecture.
• Strong expertise across:
  • Active Directory (AD DS)
  • Microsoft Defender for Endpoint
  • Microsoft Intune
  • AD CS / PKI
  • NPS / RADIUS / 802.1X
  • One Identity Safeguard PAM
  • Splunk Enterprise
  • MECM / SCCM
  • ServiceNow
  • PowerShell Automation
• Proven experience producing LLD documentation in enterprise delivery environments.
• Strong understanding of Zero Trust, Identity Security, Privileged Access Management, and Security Operations.
• Schengen visa holder preferred but not required.

Preferred Certifications

• CISSP, CISM
• Microsoft Cybersecurity Architect Expert
• Microsoft Identity & Access Administrator
• Splunk Certified Architect
• ITIL Foundation
• One Identity Safeguard Certification

Vertical

Technology

Originally posted on Himalayas