Information Security Engineering Senior Manager

Wells Fargo & Company, Iselin, NJ

About The Position

About this role: Wells Fargo is seeking an Information Security Senior Manager in Cybersecurity as part of Identity Access Management. Learn more about career areas and business divisions at wellsfargojobs.com.

This senior identity leader will be responsible for the secure design, operation, and evolution of large‑scale Active Directory, Microsoft Entra, and Linux authentication platforms. This role is both a people leader and a hands‑on technical authority, managing a team of senior engineers and architects while owning the security architecture, resiliency, and operational integrity of the firm’s most critical identity infrastructure. The role works in very close partnership with the Head of IAM Architecture, Head of IAM Engineering, and IAM Product Development and Support teams to ensure directory and authentication platforms are architected correctly, engineered securely, and operated reliably at enterprise scale.

In this role, you will:

Leadership & Team Management

Lead and manage a team of directory services and authentication engineers and architects responsible for day‑to‑day platform design, implementation, and support. Set technical direction, architectural standards, and execution priorities for the team in alignment with enterprise IAM strategy. Ensure strong engineering discipline, documentation standards, and design review rigor across all directory and authentication initiatives. Act as an escalation point for complex architectural, security, and availability issues affecting identity platforms. Develop and mentor senior technical talent, building depth and succession within the directory and authentication domain.

Enterprise Active Directory Security Architecture

Serve as the accountable design authority and platform owner for very large, security‑sensitive Active Directory environments. Define and govern forest and domain architecture, including trust models, isolation strategies, and blast‑radius containment. Own OU design, delegation models, administrative separation, and naming conventions. Establish and enforce Group Policy architecture and security baselines. Lead Active Directory security hardening, including privileged tiering, administrative isolation, and reduction of legacy exposure. Architect protections against credential theft, lateral movement, and domain compromise, ensuring alignment with modern threat models and regulatory expectations.

Microsoft Entra Architecture

Own architecture for hybrid and cloud‑native identity, including integration between Active Directory and Microsoft Entra. Define synchronization, attribute governance, and source‑of‑authority models appropriate for enterprise scale. Ensure Entra architecture aligns with Zero Trust principles and enterprise access management standards.

Linux Authentication Platform Ownership

Own the enterprise Linux authentication architecture and its integration with Active Directory and Microsoft Entra. Define secure, scalable patterns for centralized Linux authentication, authorization, and privilege enforcement. Ensure consistent authentication architecture across on‑prem, private cloud, and public cloud Linux environments. Partner with infrastructure and platform teams to standardize Linux authentication and reduce platform‑specific risk.

Resilience, Replication & Disaster Recovery

Architect and own high availability and disaster recovery strategies for directory and authentication platforms. Define replication topology, site design, and failover patterns to meet enterprise RTO and RPO requirements. Ensure identity service continuity during cyber events, outages, and major infrastructure incidents. Participate in and lead resilience testing and recovery exercises related to identity infrastructure.

Platform Integration & Cross‑Team Collaboration

Work very closely with the Head of IAM Architecture to ensure directory and authentication platforms align with enterprise identity standards and target‑state architecture. Partner with the Head of IAM Engineering to ensure architectural intent is translated into secure, reliable engineering implementation. Collaborate with IAM Product Development and Support teams to ensure authentication platforms meet product requirements, scale reliably, and are supportable in production. Define and govern integration patterns between Active Directory, Microsoft Entra, Linux authentication platforms, and downstream identity providers. Serve as the final architectural approver for changes impacting directory and authentication platforms.

Requirements

  • 6+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 3+ years of management or leadership experience
  • 6+ years of experience designing, operating, and securing enterprise-level Active Directory environments

Nice To Haves

  • Demonstrated experience owning Active Directory security architecture in a highly regulated enterprise.
  • Proven people management experience leading senior engineering and platform teams.
  • Deep hands‑on expertise with Microsoft Entra and hybrid identity architectures.
  • Strong experience designing high availability, replication, and disaster recovery for identity platforms.
  • Experience operating under regulatory, audit, and cyber‑resiliency scrutiny.
  • Experience implementing privileged access isolation and admin forest models.
  • Experience supporting Zero Trust identity architectures.
  • Background in financial services or similarly regulated industries.
  • Experience leading large‑scale identity or infrastructure modernization initiatives.

Responsibilities

  • Lead and manage a team of directory services and authentication engineers and architects responsible for day‑to‑day platform design, implementation, and support.
  • Set technical direction, architectural standards, and execution priorities for the team in alignment with enterprise IAM strategy.
  • Ensure strong engineering discipline, documentation standards, and design review rigor across all directory and authentication initiatives.
  • Act as an escalation point for complex architectural, security, and availability issues affecting identity platforms.
  • Develop and mentor senior technical talent, building depth and succession within the directory and authentication domain.
  • Serve as the accountable design authority and platform owner for very large, security‑sensitive Active Directory environments.
  • Define and govern forest and domain architecture, including trust models, isolation strategies, and blast‑radius containment.
  • Own OU design, delegation models, administrative separation, and naming conventions.
  • Establish and enforce Group Policy architecture and security baselines.
  • Lead Active Directory security hardening, including privileged tiering, administrative isolation, and reduction of legacy exposure.
  • Architect protections against credential theft, lateral movement, and domain compromise, ensuring alignment with modern threat models and regulatory expectations.
  • Own architecture for hybrid and cloud‑native identity, including integration between Active Directory and Microsoft Entra.
  • Define synchronization, attribute governance, and source‑of‑authority models appropriate for enterprise scale.
  • Ensure Entra architecture aligns with Zero Trust principles and enterprise access management standards.
  • Own the enterprise Linux authentication architecture and its integration with Active Directory and Microsoft Entra.
  • Define secure, scalable patterns for centralized Linux authentication, authorization, and privilege enforcement.
  • Ensure consistent authentication architecture across on‑prem, private cloud, and public cloud Linux environments.
  • Partner with infrastructure and platform teams to standardize Linux authentication and reduce platform‑specific risk.
  • Architect and own high availability and disaster recovery strategies for directory and authentication platforms.
  • Define replication topology, site design, and failover patterns to meet enterprise RTO and RPO requirements.
  • Ensure identity service continuity during cyber events, outages, and major infrastructure incidents.
  • Participate in and lead resilience testing and recovery exercises related to identity infrastructure.
  • Work very closely with the Head of IAM Architecture to ensure directory and authentication platforms align with enterprise identity standards and target‑state architecture.
  • Partner with the Head of IAM Engineering to ensure architectural intent is translated into secure, reliable engineering implementation.
  • Collaborate with IAM Product Development and Support teams to ensure authentication platforms meet product requirements, scale reliably, and are supportable in production.
  • Define and govern integration patterns between Active Directory, Microsoft Entra, Linux authentication platforms, and downstream identity providers.
  • Serve as the final architectural approver for changes impacting directory and authentication platforms.

Benefits

  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
  • Scholarships for dependent children
  • Adoption reimbursement