Cloud Solution Architect (CSA) – Active Directory, ADFS & MFALocation: EgyptLanguage: Arabic and EnglishRole SummaryThe Cloud Solution Architect (CSA) for Active Directory (AD), Active Directory Federation Services (ADFS), and Multi Factor Authentication (MFA) is a customer facing technical leader responsible for guiding enterprise customers to a secure, resilient, and modern identity platform.The CSA acts as a trusted advisor, delivering proactive, outcome based engagements across on premises AD, hybrid identity, federation, and strong authentication. This role supports customers in modernizing identity, securing access, and transitioning from legacy federation to Microsoft Entra ID while maintaining operational excellence.Key ResponsibilitiesIdentity Architecture & Design• Design and validate Active Directory Domain Services (AD DS) architectures, including single forest, multi forest, and multi domain environments• Architect secure federation solutions using ADFS and guide customers through ADFS modernization and deprecation paths• Design hybrid identity solutions integrating on prem AD with Microsoft Entra ID• Ensure identity architectures align with Zero Trust and Microsoft security best practicesADFS & Federation Services• Design, deploy, and configure ADFS (2016 / 2019 / 2022 / 2025) environments• Lead ADFS farm upgrades, migrations, and high availability designs• Support Relying Party Trusts, Claims Rules, and Access Control Policies• Guide customers in migrating applications from ADFS to Microsoft Entra ID• Collaborate with security teams to ensure secure federation designsMFA & Secure Authentication• Design and implement Multi Factor Authentication (MFA) solutions across:o ADFS protected applicationso Hybrid and cloud identities• Assist customers with MFA provider integration, policy design, and enforcement• Troubleshoot complex authentication failures (Kerberos, NTLM, claims based auth)• Guide customers on conditional access and strong authentication strategiesSecurity, Hardening & Identity Protection• Remediate findings from Active Directory security assessments• Advise on:o Privileged access models (Tiering)o Delegation and role separationo Secure administrative practices• Support identity hardening, audit policy tuning, and event monitoring• Provide guidance on identity compromise recovery scenariosOperations, Recovery & Troubleshooting• Troubleshoot:o AD replication and SYSVOL issueso Authentication and trust failureso Domain controller performance issues• Guide customers on:o AD forest and object recoveryo Patch management and change controlo Upgrade planning and functional level raisesCustomer Engagement & Delivery• Deliver structured Microsoft engagements (assessments, accelerators, workshops)• Act as a trusted technical advisor to customer architects and leadership• Collaborate with Account Teams, CSAMs, and Engineering to unblock customer scenarios• Contribute to technical readiness, documentation, and internal knowledge sharingRequired Technical Skills (300–400 Level)Active Directory• AD DS architecture and design• Group Policy strategy and troubleshooting• DNS integration and AD aware networking• PowerShell scripting for identity automation ADFS• Federation service design and HA• Claims and Access Control Policies• ADFS upgrade and migration strategiesMFA & Identity Security• MFA design and enforcement• Authentication flows (Kerberos, NTLM, claims)• Hybrid identity synchronizationPreferred Qualifications• 5+ years in enterprise identity or customer facing technical roles• Strong experience with hybrid identity and identity security• Microsoft certifications in Identity, Security, or Windows Server (preferred)• Experience guiding customers through identity modernization journeys