Directory Services Architect Wanted at Epical

Epical Sweden AB

Stockholms län, Stockholm

Previous experience is desired

~51 800 kr / per month ->
Fixed monthly, weekly, or hourly salary

Published 2025-03-19 Permanent employment Full time

Apply now

167 days left
to apply for the job

Epical is a pure-play data consultancy with services and expertise to support and enable the management, utilization and protection of our clients' data. We're not just experts in data; we're trust-makers who empower our clients to exceed expectations. Join us in our mission to empower organizations through secure and efficient digital identity management!

What is this role about?

We are seeking a Directory Services Architect to join our Digital Trust team. You will have overall responsibility for implementing identity solutions and directories such as Active Directory, federation, authentication, and authorization for identities and devices. To succeed in the role, you have prior experience in implementing the above technologies in larger, complex environments with high-security requirements and a solid understanding of Public Key Infrastructure (PKI) in the context of these technologies and products.

Key responsibilities:

Creating designs for technical implementations, in regard to the customers’ requirements and demands.

Manage the deliveries of both architectural and technical solutions and ensure that solution proposals can be implemented in practice.

Be aware of and keep up to date with common vulnerabilities and threats within the identity domain and be able to mitigate them both in design choices and in the implementation of technical solutions.

Collaborate on a team level but still be comfortable taking your own initiatives to drive your own work and projects forward.

Stay updated on industry trends and best practices within Directory Services and the identity domain.

Ensure security standards and regulatory requirements are being considered in customer deliveries.

The role is a full-time position, and you can live anywhere in Sweden or Finland as we apply remote work, depending on customer assignments.

Are you our next trust-maker?

To succeed in this role, you should have...

At least 10 years of technical expertise in Active Directory Domain Services (AD DS) at an expert level – implementation, design, and securing.

At least 3 years of experience in designing and implementing the Microsoft Legacy Tier Model or Enterprise Access Model with Privilege Access Workstations (PAWs).

A minimum of 5 completed projects related to Active Directory Domain Services (AD DS).

At least 3 completed projects related to Active Directory Domain Services (AD DS) and security where a tier model has been implemented – the most recent not older than 2018.

At least 3 years of experience with Public Key Infrastructure (PKI) in relation to Active Directory Domain Services (AD DS) – as well as Smart Card or Yubikey authentication.

At least 3 years of technical expertise and understanding of DNS.

Excellent knowledge of Windows Server and Windows Client, Group Policy, and advanced troubleshooting.

Good knowledge of authentication/authorization protocols such as NTLM, Kerberos, SAML, OAuth2, and OIDC.

Good knowledge of network segmentation and IPSec in Windows Firewall (Domain and Server Isolation) and 802.1x.

Fluent in English, speaking and writing.

Strongly merited skills

Previous experience in the design, implementation, and troubleshooting of Active Directory Certificate Services (AD CS).

Previous experience in the design, implementation, and troubleshooting of Active Directory Federation Services (AD FS).

Previous experience with VMware Cloud Foundation (VCF) in relation to authentication and authorization (ESXi, vCenter, vIDM, NSX-T Manager).

Knowledge of PowerShell and .NET Framework for automating identity and Active Directory-related tasks (System.Directory Services.).

Previous experience with IAM solutions & Microsoft Entra ID.

Previous experience designing solutions for Operational Technology (OT) environments.

At least 1 year of experience within project(s) involving security-sensitive operations.

Fluency in Swedish or Finnish in both speaking and writing.

In addition, you have great analytical skills, pay attention to detail, and possess strong communication skills. You are curious, committed to development and learning, and adaptable to change.

What do we offer?

A chance to join a team of the Nordic region’s leading experts in Digital Trust, where curiosity is encouraged, and sharing knowledge is a priority.

Engaging and challenging hands-on assignments, collaborating with large global clients in complex environments.

A supportive organization that values accountability, while also promoting work-life balance and offering the flexibility to work remotely.

A comprehensive compensation and benefits package.

Ongoing opportunities for education and growth. Access to Visual Studio Enterprise Subscription and Azure/O365 lab environment, courses and certifications to fuel your curiosity and professional development.

Let’s secure the Nordics together, one step at a time

To qualify for this role, you need to have a residence, as well as a citizenship/work permit in Sweden or Finland. If you have any questions regarding the role, please do not hesitate to contact me at malla.soderberg@epicalgroup.com.

Our expertise is data. Our product is trust.

We’re epical.

And you’re welcome to join us.