Senior Director, Active Directory

ADP•Glenvar Heights, FL

3h•Remote

About The Position

In this role you will lead the development, protection, and modernization of our on-premises and cloud-based identity infrastructure. You will oversee strategic initiatives such as Active Directory (AD) consolidation, certificate lifecycle management, and cloud identity integration, while ensuring the team’s alignment with security best practices and automation-first principles. You will be responsible for securing identity platforms, reducing the organization’s technical attack surface, managing hybrid cloud identity systems, and driving innovation through automation, scripting, and modern DevSecOps practices. A deep understanding of identity security architecture, Infrastructure as Code (IaC), and end-to-end certificate management is essential. You're a passionate leader focused on engagement as well as results, and you're not afraid to roll your sleeves up and dive into the code when necessary. As part of our team, you'll find exciting challenges, get opportunities to grow your career, and develop solid friendships as we design what's next for ADP and the industry. Pace should not scare you. We still find time for a healthy dose of fun. Here's what you can expect on a typical day: You'll start each day with a scrum, working in a team to understand responsibilities, identify issues, and communicate coding priorities while choosing user stories to complete. You must know Agile well. Your seven or more years of team leadership have delivered amazing results, and you pride yourself on developing the people who work for you, as well as providing an inclusive team environment where they all can thrive. If asked, they would follow you anywhere and enthusiastically credit you with helping to grow their careers. Working in two-week sprints, you must keep up with timelines and coding standards. You'll be looking ahead to the next coding criteria to build technically sound and functional tools. Continuous Learning. An eagerness to learn will help you keep up with ever-changing technologies and maintain the ability to create the best tools for our clients. You are comfortable and thrive in an autonomous role since that will be essential for your success. You'll work with business leadership and project management to understand priorities and create automation accordingly. You will present and defend your team's approach to leadership. There is no typical day as you partner and work with people across the development organization to turn ideas into reality. You have 12+ years of experience in relevant skills gained and developed in the same or similar role.

Requirements

Bachelor’s degree in Computer Science, Cybersecurity, or a related field; Master’s degree preferred, or equivalent.
12+ years of experience in Identity & Access Management, including significant hands-on experience with Microsoft Active Directory and cloud identity platforms.
5+ years’ experience in managing technical teams.
Proven experience in managing: On-prem and cloud-based AD environments (Azure AD, ADFS, AD DS) Certificate life cycle management Tools., Example Microsoft CA, etc. SIEM integrations (Splunk, Sentinel, etc.) IAM automation with PowerShell, Python, Terraform, or similar. SAML, OAuth2, OIDC Active Directory, Virtual Directory Services (VDS), PKI
Familiarity with Zero Trust architecture and modern IAM patterns (e.g., Conditional Access, MFA enforcement, SSO, SCIM).
Strong understanding of security frameworks (NIST, CIS Controls, ISO 27001)
Excellent communication skills and experience interacting with cross-functional teams, including HR, legal, audit, and business leaders.
Able to communicate effectively with both technical teams and senior leadership
Experience managing or mentoring a technical team in a leadership or supervisory role.
Program & Change Management
Strategic thinker with a hands-on technical approach
Strong leadership and mentoring capabilities
Passionate about automation, security, and operational excellence
Self-driven, organized, and comfortable operating in a hybrid, fast-paced environment
An analytical and security-driven mindset with an eye for operational detail.

Nice To Haves

Microsoft Certified: Identity and Access Administrator Associate
Microsoft Certified: Identity and Access Administrator / Azure Solutions Architect
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Identity and Access Manager (CIAM)
Certified Cloud Security Professional (CCSP)
Certification or training in PKI / digital certificates
AWS or Azure Security Certified
Certified DevSecOps Professional or equivalent

Responsibilities

Lead and mentor a high-performing team managing active directory and identity infrastructure across on-premises and cloud environments.
Define and execute the roadmap for identity management, directory services, and certificate services across hybrid infrastructure.
Align IAM and directory strategies with organizational security policies, compliance requirements, and business continuity goals.
Design and enforce Active Directory Tiering, segmentation, and hardening standards.
Lead domain consolidation, forest restructuring, and trust design initiatives.
Define and execute the roadmap to move to cloud and SaaS capabilities.
Define, implement, and operate the use and impact of GenAI within IAM landscape along with use of GenAI in the ecosystem.
Oversee the operation, consolidation, and security of Microsoft Active Directory (AD), in conjunction with the Azure AD (Entra ID) Team
You will ensure that access to enterprise resources is both secure and seamless, across multiple devices and environments, leveraging technologies such as Microsoft Entra ID (Azure AD)for SSO and MFA, and supporting advanced authentication methods like passwordless, adaptive, and device-based authentication, along with the management of Active Directory, Virtual Directory Services (VDS), PKI, and API security.
Govern identity lifecycle processes, group policy management, and role-based access controls.
Manage identity federation and SSO integrations using Entra ID, SAML, OAuth2, and OIDC.
Implement and maintain MFA and adaptive authentication based on risk, device, and location signals.
Deploy and manage password less authentication solutions (FIDO2, biometrics, certificates).
Manage and secure identity services across both on-premises data centers and public cloud platforms (Azure, AWS, and possible OCI or GCP).
Integrate cloud-native identity tools and federated authentication mechanisms with enterprise AD.
Develop and maintain hybrid identity synchronization strategies (e.g., Azure AD Connect, ADFS).
Own the Public Key Infrastructure (PKI), including root and issuing CA management.
Manage the full certificate lifecycle for internal needs, including issuance, renewal, rotation, and revocation.
Administer and secure Hardware Security Modules (HSMs) for cryptographic key protection.
Collaborate with the SOC to integrate directory-related logs and alerts into the Security Information and Event Management (SIEM) systems.
Respond to and lead investigations involving identity compromise, privilege escalation, and misconfiguration.
Implement privileged access management (PAM) and just-in-time access controls.
Drive adoption of Infrastructure as Code (IaC) for identity infrastructure using tools like Terraform or Ansible.
Automate identity management processes using PowerShell, Python, or similar scripting languages.
Implement secure coding and automated deployment practices into CI/CD pipelines to support rapid, compliant identity changes.
Define security guardrails and policy-as-code controls to secure pipeline-deployed infrastructure.
Support access reviews, certifications, and internal/external audit activities.
Drive improvements in access governance and documentation.
Maintain compliance with regulatory and internal policies (SOX, GDPR, ISO 27001, etc.).