Role Purpose

The Windows Server & Active Directory Security Administrator is responsible for managing and securing enterprise Windows environments. This includes patch management using WSUS/SCCM, Active Directory security hardening, and enforcing security baselines across 10,000+ endpoints. The role ensures systems remain compliant with internal security standards and industry benchmarks (e.g., CIS), while maintaining high availability and security posture.

Key Responsibilities

Windows Server Patch Management

Oversee end-to-end patch management lifecycle for Windows Servers using WSUS and SCCM Ensure timely deployment of OS and application patches across large-scale environments Monitor patch compliance and generate reports for audits and management review Troubleshoot patch deployment failures and implement remediation plans Align patching practices with CIS Benchmarks and internal policies

Active Directory Security & Hardening

Implement and maintain Active Directory (AD) security best practices, including:Privileged Access Management (PAM) Role-Based Access Control (RBAC) Secure Kerberos configuration and policies Conduct periodic reviews of:User access rights and privileged accounts Group memberships and service accounts Identify and remediate AD vulnerabilities and misconfigurations

Group Policy & Endpoint Security Baselines

Design and enforce Group Policy Objects (GPOs) for enterprise-wide security configurations Implement security baselines across 10,000+ endpoints (servers and workstations) Ensure systems comply with:Internal security standards CIS Benchmark configurations Continuously monitor and fine-tune GPOs for efficiency and compliance

Compliance & Security Operations

Ensure infrastructure adheres to internal security policies and regulatory requirements Support internal and external audits by providing evidence of patching and configuration compliance Maintain documentation of system configurations, patch status, and AD changes Collaborate with cybersecurity teams to respond to vulnerabilities and incidents

Infrastructure Maintenance & Support

Maintain and support Windows Server environments (on-premises and hybrid) Perform regular system health checks and proactive maintenance Support identity and access management processes within AD Participate in infrastructure improvement initiatives and automation efforts

Qualifications & Experience

Education

Bachelor’s degree in:Information Technology Computer Science Networking or related field
Experience

4–8+ years of experience in:Windows Server Administration Active Directory management in large enterprise environments Proven experience managing 10,000+ endpoints is highly preferred Hands-on experience with:WSUS and SCCM for patch management GPO design and enforcement
Technical Skills

Strong knowledge of:Windows Server OS (2016/2019/2022) Active Directory architecture and security Kerberos authentication and policies Experience with:CIS Benchmarks and system hardening practices Endpoint security configuration and compliance tools Familiarity with:Hybrid environments (on-prem + Azure AD) Power Shell scripting for automation
Soft Skills

Strong problem-solving and troubleshooting ability Attention to detail with a strong security mindset Ability to manage tasks in large, complex environments Effective communication and teamwork skills

Certifications (Preferred / Required)

Microsoft Certified: Windows Server Hybrid Administrator Associate Microsoft 365 Certified: Security Administrator Associate Additional certifications (nice to have):Microsoft Certified: Azure Administrator Associate CISSP / Security+
Key Competencies

Patch Management & Compliance Active Directory Security Endpoint Security Management GPO & Policy Enforcement Infrastructure Stability & Operations Risk Awareness & Mitigation

Windows Administrator in Abu Dhabi, United Arab Emirates