Sr Lead, Infra Windows

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Northern Trust is seeking an experienced hands-on Windows Server & Active Directory Hybrid Cloud Architect to join our global Windows Engineering team to design, implement, and maintain our enterprise-wide infrastructure spanning on-premises and cloud environments.

This role is responsible for creating a robust infrastructure that meets the highest standards of security, scalability, availability, and recoverability while ensuring regulatory compliance. of our financial institution's IT infrastructure.

Key Responsibilities
Architecture & Design
•    Lead the architectural design and implementation of Windows Server infrastructure and Active Directory services across hybrid cloud environments
•    Develop and maintain the technical roadmap for Windows Server infrastructure, considering business requirements, security compliance, and industry best practices
•    Design highly available and disaster recovery solutions for critical infrastructure components
•    Create and maintain infrastructure-as-code templates for automated deployments using tools like Azure ARM templates, PowerShell, and Terraform
•    Develop cloud migration strategies and roadmaps for legacy systems.
•    Should be well familiar with FSMO (Flexible Single Master Operation) along with roles and functionality.

Active Directory & Identity Management
•    Architect and oversee the implementation of complex Active Directory infrastructure, including multi-forest/multi-domain environments
•    Design and implement Azure AD Connect synchronization topologies and federation services
•    Manage the integration between on-premises Active Directory and Azure Active Directory
•    Develop and maintain Group Policy Objects (GPOs) and security baseline configurations
•    Implement Privileged Access Management (PAM) and Just-In-Time (JIT) access solutions
•    AD experience along with management of forest, multi-forest, trees, and domain objects.

Identity & Access Management
•    Design and implement role-based access control systems across hybrid environments
•    Architect Single Sign-On (SSO) solutions integrated with enterprise applications
•    Implement Privileged Identity Management for administrative access
•    Design conditional access policies for secure remote access
•    Privileged Access Workstations (PAW) usage and management.

Security & Compliance
•    Implement advanced security measures including multi-factor authentication, Privileged Access Management, and Just-In-Time access
•    Ensure infrastructure compliance with financial industry regulations (SOX, PCI-DSS, GLBA)
•    Design and implement zero-trust security architecture
•    Maintain security controls for privileged access and identity management
•    Conduct regular security assessments and implement remediation measures
•    Design and implement PKI infrastructure and certificate management solutions
•    Experience in DSC for maintaining consistent server configurations. 

Cloud Integration
•    Lead Azure infrastructure design and implementation initiatives
•    Develop hybrid connectivity solutions using Azure ExpressRoute and Site-to-Site VPN
•    Design and implement hybrid backup and disaster recovery solutions
•    Optimize cloud resource utilization and cost management
•    Implement cloud security controls and monitoring solutions

Automation & DevOps
•    Develop & maintain Infrastructure as Code (IaC) solutions using PowerShell, ARM templates, or Terraform
•    Create automated deployment pipelines for Windows Server workloads
•    Implement configuration management systems for Windows Server fleet
•    Develop monitoring and alerting frameworks for hybrid environments

Documentation & Knowledge Transfer
•    Create comprehensive architectural documentation and diagrams
•    Develop standard operating procedures for all critical systems
•    Maintain up-to-date disaster recovery documentation
•    Create knowledge transfer sessions for operational teams

Team Leadership & Collaboration
•    Mentor junior team members on infrastructure best practices and emerging technologies
•    Collaborate with application teams to ensure infrastructure meets application requirements
•    Work with security teams to implement and maintain security controls
•    Provide technical leadership in incident response and problem resolution
•    Partner with vendor teams for solution implementation and support

Required Qualifications
•    Bachelor's degree in Computer Science, Information Technology, or related field
•    10+ years of experience in Windows Server infrastructure design and implementation
•    7+ years of experience with Active Directory design and administration
•    5+ years of experience with Azure cloud services and hybrid infrastructure
•    Expert knowledge of PowerShell scripting and automation
•    Strong understanding of PKI, DNS, DHCP, and other core infrastructure services
•    Experience with infrastructure-as-code and configuration management tools
•    Deep knowledge of security best practices and compliance requirements

Preferred Qualifications
•    Master's degree in relevant field
•    Microsoft Certified: Azure Solutions Architect Expert
•    Microsoft 365 Certified: Enterprise Administrator Expert
•    Experience in financial services industry
•    Knowledge of container technologies and microservices architecture
•    Experience with CI/CD pipelines and DevOps methodologies
•    Familiarity with infrastructure monitoring tools
•    Background in security architecture or cybersecurity
•    CISSP or equivalent security certification

Technical Skills
•    Windows Server 2016/2019/2022
•    Active Directory Domain Services
•    Azure Active Directory
•    Group Policy Management
•    PowerShell Scripting
•    Azure Infrastructure Services
•    Infrastructure as Code (Terraform, ARM templates)
•    PKI and Certificate Services
•    Azure ExpressRoute and Site-to-Site VPN
•    Microsoft System Center Suite
•    Azure Security Center/Microsoft Defender for Cloud
•    Azure Monitor and Log Analytics
•    Backup and Disaster Recovery Solutions
 

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.

About Our Pune Office

The Northern Trust Pune office, established in 2016, is now home to over 3,000 employees. The office handles various functions, including Operations for Asset Servicing and Wealth Management, as well as delivering critical technology solutions that support business operations across the globe.

Our Pune team takes our commitment to service to heart. In 2024, they volunteered more than 10,000+ hours into the communities where they live and work. Learn more.