TIAA Sr. Active Directory Engineer in Broomfield, Colorado



As long as there are people who make the world a better place, we'll keep making a difference for them. Since 1918, it has been TIAA's mission to serve those who serve others. It is this mission and the values we embrace that make us a different kind of financial services organization.

When you work here at TIAA, you're not just in it for yourself. You are part of something bigger. A collective mission to make a difference - a collective mission we make our own.

To be difference makers.

For more information about TIAA, visit our website at .


Currently, our CloudSolutions-EHS Server Engineering Team has a Sr. Active Directory Engineer position open in their Chicago, IL, Denver, CO, Broomfield, CO orIselin, NJ office. This role will provide senior-level solution architecture, engineering design, implementation, and technical third-level support services for Microsoft Active Directory and the Windows Server platform across the enterprise, including directory and identity management solutions. The core infrastructure technology duties include enterprise Microsoft Active Directory and Windows Server platform standards including; server provisioning and deployment, global system security standards and top-level support for enterprise-wide infrastructure applications.

This is a great opportunity to show-case your knowledge, skills and abilities. Come and join ourteam and Deliver Excellence!


  • Provide senior-level technical support,implementation, and design services for Microsoft Active Directory and the WindowsServer platform across the enterprise, including directory and identitymanagement solutions

  • Develop and enhance Microsoft Windows Serverand Active Directory engineering standards for a multi-site organization,including the core operating system and authentication protocols

  • Develop technical partnerships with keyarchitecture, project, operations, and support teams

  • Perform multi-forest and multi-domain installationand configuration of Active Directory, configuring domain trusts and manage thedirectory infrastructure services for multi-tiered DMZ network topology andconsidering IaaS Cloud solutions such as AWS and Azure.

  • Resolves and appropriately resolves requests,incidents and change requests, while providing 3 rd level escalation supportin a complex environment of heterogeneous systems and troubleshooting, providesguidance and direction in the resolution of escalated issues and/or complexproduction, application or system issues

  • Provide 3 rd -level support for anenterprise-wide Microsoft Windows distributed server platform, includingrelated technologies such as Certificate Services, IIS, Clustering, etc.

  • Own Root Cause analysis and ProblemManagement for Microsoft Server technologies including Active Directory toimprove availability, stability and improve operational process and procedures

  • Applies new solutions through research andcollaboration with respective stakeholders and determine course of action fornew application initiatives

  • Engineer solutions for monitoring, auditingand reporting of key performance indicators as they relate to Active Directoryand Windows Server services using 3 rd party solutions and nativecapabilities.

  • Ensure that Active Directory backups arecompleted successfully

  • Create and maintain system documentation for ActiveDirectory technologies, including installation, configuration, and appropriatetroubleshooting steps

  • Improve existing processes through solutionsto recurring problems and enhancements to existing solutions or documentation

  • Manage Microsoft PKI encryption technologies

  • Manage customer satisfaction througheffectively communicating and managing customer expectations




  • Minimum of 10 year’s hands-on experiencewith Microsoft Active Directory and related technologies

  • Minimum of 10 years’ experience working inan IT environment

  • Proven experience providing senior leveloperational support and implementation of large-scale, enterprise levelsolutions

  • Demonstrated experience articulating bothverbally and written, technical issues/challenges to both technical and non-technical audiences

  • Experience with the design of infrastructureand integration into new and existing systems

  • Experience with Windows Server 2012 ActiveDirectory

  • Possess an in-depth and thoroughunderstanding of monitoring best practices, preferably with Microsoft SystemCenter Operation Manager (SCOM)

  • Significant experience with infrastructureand server theories, principles and concepts; application infrastructure andstandards; networking fundamentals; Windows; Physical Server architecture;Virtualization Technologies (e.g. VMware, Hyper-V) and LAN/WAN/Firewall/VPNnetwork technologies

  • Experience with JSON and PowerShell

  • Demonstrated understanding of the InformationTechnology Infrastructure Library (ITIL) principles


  • Bachelor’s Degree

  • Experience with Cloud technologies such asAWS or Azure

  • ITIL v3 certification

  • Experience with Windows Server 2016 Active Directory

  • Previous experience working in the financialservices industry

Equal Employment Opportunity is not just the law, it’s our commitment. Read more about the Equal Employment Opportunity Law at .

If you need assistance applying due to being visually or hearing impaired, please email Careers Help .

This organization is an equal employment opportunity (EEO) employer, dedicated to maintaining a work environment free of bias, harassment, discrimination and retaliation. As an EEO employer, this organization expressly prohibits discrimination, harassment, and retaliation on the basis of race, creed, ethnicity, color, age, religion, sex, sex stereotype, pregnancy (including childbirth, breastfeeding or related medical conditions where applicable), sexual orientation, gender, gender identity, gender expression, transgender, marital status, national origin, ancestry, physical or mental disability, requesting a reasonable accommodation based on mental or physical disability, medical condition (as defined by applicable law), genetic history and information, citizenship status, military or veteran status, or any other status protected by federal, state, or local law or ordinance or regulation (collectively referred to here as “protected characteristics”).

*©2016 Teachers Insurance and Annuity Association of America (TIAA), 730 Third Avenue, New York, NY 10017


Job: Information Technology

Primary Location: CO-Broomfield

Req ID: 1715939