Windows Administrator with experience in Banking Domain

We have an urgent requirement for Windows Administrator with experience in Banking Domain is required for our banking clients in Abu Dhabi ,UAE

Windows Server & AD Security Administrator to maintain, patch, and harden Windows server environments at enterprise scale.--Must

Active Directory security hardening (privileged access management, Kerberos)--Must

Strong hands-on with WSUS, SCCM/MECM, Active Directory, Group Policy Management, ADCS, and LAPS.

with patching at 10,000+ endpoint scale.--Must

Familiarity with SCCM reporting, Microsoft Defender for Endpoint, Event Log analysis, and SIEM integration for AD events--Must

We are seeking a Windows Server & AD Security Administrator to maintain, patch, and harden Windows server environments at enterprise scale.

This role owns Windows Server patch management via WSUS/SCCM aligned to CIS Benchmarks, implements Active Directory security hardening including privileged access and Kerberos policies, and enforces GPO-based security baselines across 10,000+ endpoints.

You will ensure timely OS and application patch deployment to maintain compliance and system integrity.

Oversee end-to-end Windows Server patch management using WSUS and SCCM.

Plan, test, and deploy monthly security updates, out-of-band patches, and third-party application updates across production, UAT, and DR environments.

Ensure patch SLAs and compliance reporting.

Implement and maintain AD security controls: tiered privileged access model, admin account management, Kerberos policy hardening, LDAP signing/channel binding, and attack path mitigation.

Manage LAPS, gMSA, and reduce standing privilege.

Design, deploy, and audit Group Policy Objects to enforce CIS Benchmarks and internal security baselines across 10,000+ endpoints.

Manage security templates, WMI filters, and GPO versioning.

Remediate drift and exceptions with documented risk acceptance.

Use SCCM, MECM, and other tools to monitor compliance with patching and security baselines.

Generate compliance dashboards, vulnerability remediation status, and audit evidence for internal and regulatory reviews.

Support enterprise identity controls including privileged access workstations, just-in-time access, and AD trust reviews.

Troubleshoot authentication issues related to Kerberos, NTLM, and certificate-based auth.

Perform root cause analysis for patch failures, GPO issues, and AD incidents.

Follow CAB/change control processes.

Provide L3 support for Windows Server and AD outages during business and non-business hours.

5+ years administering Windows Server 2016/2019/2022 in large enterprise environments, with 2+ years focused on patching and AD security.

Strong hands-on with WSUS, SCCM/MECM, Active Directory, Group Policy Management, ADCS, and LAPS.

with patching at 10,000+ endpoint scale.

Practical knowledge of CIS Benchmarks for Windows Server and AD, Microsoft Security Baselines, Kerberos hardening, and privileged access management.

Proficiency in PowerShell for automation of patching, compliance checks, GPO management, and AD reporting.

Familiarity with SCCM reporting, Microsoft Defender for Endpoint, Event Log analysis, and SIEM integration for AD events.

operating in ITIL environments with strict change control.

Ability to produce patch schedules, risk assessments, and compliance artifacts.

Microsoft Certified: Windows Server Hybrid Administrator Associate, Security Administrator Associate, CISSP, or GSEC.

windows,bank,administrator