Senior Director, Active Directory

ADP, Alpharetta, GA
127d

About The Position

ADP is hiring a Senior Director, Active Directory. In this role you will lead the development, protection, and modernization of our on-premises and cloud-based identity infrastructure. You will oversee strategic initiatives such as Active Directory (AD) consolidation, certificate lifecycle management, and cloud identity integration, while ensuring the team’s alignment with security best practices and automation-first principles. You will be responsible for securing identity platforms, reducing the organization’s technical attack surface, managing hybrid cloud identity systems, and driving innovation through automation, scripting, and modern DevSecOps practices. A deep understanding of identity security architecture, Infrastructure as Code (IaC), and end-to-end certificate management is essential.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field; Master’s degree preferred, or equivalent.
  • 12+ years of experience in Identity & Access Management, including significant hands-on experience with Microsoft Active Directory and cloud identity platforms.
  • 5+ years’ experience in managing technical teams.
  • Proven experience in managing on-prem and cloud-based AD environments (Azure AD, ADFS, AD DS).
  • Experience with certificate lifecycle management tools (for example, Microsoft CA).
  • Experience with SIEM integrations (Splunk, Sentinel, etc.).
  • Experience with IAM automation with PowerShell, Python, Terraform, or similar.
  • Familiarity with SAML, OAuth2, OIDC.
  • Strong understanding of security frameworks (NIST, CIS Controls, ISO 27001).
  • Excellent communication skills and experience interacting with cross-functional teams, including HR, legal, audit, and business leaders.
  • Experience managing or mentoring a technical team in a leadership or supervisory role.
  • Program & Change Management.
  • Strategic thinker with a hands-on technical approach.
  • Strong leadership and mentoring capabilities.
  • Passionate about automation, security, and operational excellence.
  • Self-driven, organized, and comfortable operating in a hybrid, fast-paced environment.
  • An analytical and security-driven mindset with an eye for operational detail.

Nice To Haves

  • Microsoft Certified: Identity and Access Administrator Associate.
  • Microsoft Certified: Identity and Access Administrator / Azure Solutions Architect.
  • Certified Information Systems Security Professional (CISSP).
  • Certified Information Security Manager (CISM).
  • Certified Identity and Access Manager (CIAM).
  • Certified Cloud Security Professional (CCSP).
  • Certification or training in PKI / digital certificates.
  • AWS or Azure Security Certified.
  • Certified DevSecOps Professional or equivalent.

Responsibilities

  • Lead and mentor a high-performing team managing Active Directory and identity infrastructure across on-premises and cloud environments.
  • Define and execute the roadmap for identity management, directory services, and certificate services across hybrid infrastructure.
  • Align IAM and directory strategies with organizational security policies, compliance requirements, and business continuity goals.
  • Design and enforce Active Directory Tiering, segmentation, and hardening standards.
  • Lead domain consolidation, forest restructuring, and trust design initiatives.
  • Define and execute the roadmap to move to cloud and SaaS capabilities.
  • Define, implement, and operate the use and impact of GenAI within the IAM landscape, along with the use of GenAI in the ecosystem.
  • Oversee the operation, consolidation, and security of Microsoft Active Directory (AD), in conjunction with the Azure AD (Entra ID) Team.
  • Ensure that access to enterprise resources is both secure and seamless, across multiple devices and environments.
  • Govern identity lifecycle processes, group policy management, and role-based access controls.
  • Manage identity federation and SSO integrations using Entra ID, SAML, OAuth2, and OIDC.
  • Implement and maintain MFA and adaptive authentication based on risk, device, and location signals.
  • Deploy and manage passwordless authentication solutions (FIDO2, biometrics, certificates).
  • Manage and secure identity services across both on-premises data centers and public cloud platforms (Azure, AWS, and possible OCI or GCP).
  • Integrate cloud-native identity tools and federated authentication mechanisms with enterprise AD.
  • Develop and maintain hybrid identity synchronization strategies (e.g., Azure AD Connect, ADFS).
  • Own the Public Key Infrastructure (PKI), including root and issuing CA management.
  • Manage the full certificate lifecycle for internal needs, including issuance, renewal, rotation, and revocation.
  • Administer and secure Hardware Security Modules (HSMs) for cryptographic key protection.
  • Collaborate with the SOC to integrate directory-related logs and alerts into the Security Information and Event Management (SIEM) systems.
  • Respond to and lead investigations involving identity compromise, privilege escalation, and misconfiguration.
  • Implement privileged access management (PAM) and just-in-time access controls.
  • Drive adoption of Infrastructure as Code (IaC) for identity infrastructure using tools like Terraform or Ansible.
  • Automate identity management processes using PowerShell, Python, or similar scripting languages.
  • Implement secure coding and automated deployment practices into CI/CD pipelines to support rapid, compliant identity changes.
  • Define security guardrails and policy-as-code controls to secure pipeline-deployed infrastructure.
  • Support access reviews, certifications, and internal/external audit activities.
  • Drive improvements in access governance and documentation.
  • Maintain compliance with regulatory and internal policies (SOX, GDPR, ISO 27001, etc.).

Benefits

  • Courageous team collaboration.
  • Deliver at epic scale.
  • Surrounded by curious learners.
  • Act like an owner & doer.
  • Give back to others.
  • Join a company committed to equality and equity.

What This Job Offers

  • Job Type: Full-time
  • Career Level: Senior
  • Education Level: Bachelor's degree
  • Number of Employees: 5,001-10,000 employees
