SENIOR INFRASTRUCTURE ARCHITECT (LLD)

Job SummaryWe are seeking an experienced Senior Infrastructure LLD Architect to produce Low Level Design documentation for a large-scale banking infrastructure project. The engagement is remote, contract-based (2 months), and requires immediate availability. The candidate will work as part of a delivery team supporting a structured infrastructure rollout, covering Active Directory, Identity & Access Management, Endpoint Security, PKI, PAM, SIEM, Windows Infrastructure, Provisioning, and ITSM platforms within secure, highly available enterprise environments.This is a delivery-focused role. Senior professionals only — 10+ years minimum.Key ResponsibilitiesProduce detailed Low Level Design (LLD) documents and architecture governance artifacts across assigned infrastructure domains.Design and implement Active Directory (AAA) architectures, including multi-forest environments, tenant isolation, RBAC, delegation models, and secure authentication.Architect and manage Microsoft Defender for Endpoint, Intune, endpoint hardening, EDR, vulnerability management, and security compliance.Design and maintain Group Policies (GPOs), security baselines, and endpoint configuration standards.Implement Network Policy Services (NPS) and secure 802.1X authentication solutions using RADIUS and EAP-TLS.Design and manage Microsoft PKI (AD CS), including Offline Root CA, Issuing CAs, certificate lifecycle management, CRL, and OCSP.Support core Microsoft infrastructure services including DNS, DHCP, NTP, DFS, WSUS, File Services, and Bastion Hosts.Design and implement One Identity Safeguard PAM solutions including password vaulting, session management, privileged access governance, and JIT access.Architect and manage Splunk SIEM platforms, including log ingestion, indexing, clustering, monitoring, and security analytics.Design and support MECM/SCCM provisioning and operating system deployment solutions.Develop and optimize ServiceNow Incident Management workflows, integrations, CMDB, SLAs, and escalation processes.RequirementsBachelor's degree in Computer Science, Information Technology, Cyber Security, or related field.10+ years of experience in Microsoft infrastructure, security, and enterprise architecture.Strong expertise across:Active Directory (AD DS)Microsoft Defender for EndpointMicrosoft IntuneAD CS / PKINPS / RADIUS / 802.1XOne Identity Safeguard PAMSplunk EnterpriseMECM / SCCMServiceNowPowerShell AutomationProven experience producing LLD documentation in enterprise delivery environments.Strong understanding of Zero Trust, Identity Security, Privileged Access Management, and Security Operations.Schengen visa holder preferred but not required.Preferred CertificationsCISSP, CISMMicrosoft Cybersecurity Architect ExpertMicrosoft Identity & Access AdministratorSplunk Certified ArchitectITIL FoundationOne Identity Safeguard CertificationVerticalTechnologyOriginally posted on Himalayas