**ADP is hiring a Senior Director, Active Directory** **Locations: Roseland, NJ or Alpharetta, GA** + _Are you empathetic to client needs and inspired by transformation and impacting the lives of millions of people every day?_ + _Are you an inspiring leader who people have followed and worked for over and over again?_ + _Are you looking to join a dynamic, inclusive team environment with a culture of collaboration and belonging?_ Well, this may be the role for you. Ready to design what's next? **In this role you will lead the development, protection, and modernization of our on-premises and cloud-based identity infrastructure. You will oversee strategic initiatives such as Active Directory (AD) consolidation, certificate lifecycle management, and cloud identity integration, while ensuring the team’s alignment with security best practices and automation-first principles.** You will be responsible for securing identity platforms, reducing the organization’s technical attack surface, managing hybrid cloud identity systems, and driving innovation through automation, scripting, and modern DevSecOps practices. A deep understanding of identity security architecture, Infrastructure as Code (IaC), and end-to-end certificate management is essential. **Key Responsibilities:** **Leadership & Strategy** + Lead and mentor a high-performing team managing active directory and identity infrastructure across on-premises and cloud environments. + Define and execute the roadmap for identity management, directory services, and certificate services across hybrid infrastructure. + Align IAM and directory strategies with organizational security policies, compliance requirements, and business continuity goals. + Design and enforce Active Directory Tiering, segmentation, and hardening standards. + Lead domain consolidation, forest restructuring, and trust design initiatives. + Define and execute the roadmap to move to cloud and SaaS capabilities. + Define, implement, and operate the use and impact of GenAI within IAM landscape along with use of GenAI in the ecosystem. **Directory Services & Identity Management** + Oversee the operation, consolidation, and security of Microsoft Active Directory (AD), in conjunction with the Azure AD (Entra ID) Team + You will ensure that access to enterprise resources is both **secure and seamless** , across multiple devices and environments, leveraging technologies such as **Microsoft Entra ID (Azure AD)** for **SSO and MFA** , and supporting advanced authentication methods like **passwordless, adaptive, and device-based authentication** , along with the management of **Active Directory, Virtual Directory Services (VDS), PKI** , and **API security** . + Govern identity lifecycle processes, group policy management, and role-based access controls. + Manage **identity federation** and **SSO** integrations using Entra ID, SAML, OAuth2, and OIDC. + Implement and maintain **MFA** and **adaptive authentication** based on risk, device, and location signals. + Deploy and manage **password less authentication** solutions (FIDO2, biometrics, certificates). **Cloud & Hybrid Identity Infrastructure** + Manage and secure identity services across both **on-premises data centers** and **public cloud platforms** (Azure, AWS, and possible OCI or GCP). + Integrate cloud-native identity tools and federated authentication mechanisms with enterprise AD. + Develop and maintain hybrid identity synchronization strategies (e.g., Azure AD Connect, ADFS). **Certificate & Key Management** + Own the **Public Key Infrastructure (PKI)** , including root and issuing CA management. + Manage the full **certificate lifecycle for internal needs** , including issuance, renewal, rotation, and revocation. + Administer and secure **Hardware Security Modules (HSMs)** for cryptographic key protection. **Security & Event Management** + Collaborate with the SOC to integrate directory-related logs and alerts into the **Security Information and Event Management (SIEM)** systems. + Respond to and lead investigations involving identity compromise, privilege escalation, and misconfiguration. + Implement privileged access management (PAM) and just-in-time access controls. **Automation & DevSecOps** + Drive adoption of **Infrastructure as Code (IaC)** for identity infrastructure using tools like Terraform or Ansible. + Automate identity management processes using **PowerShell** , **Python** , or similar scripting languages. + Implement secure coding and automated deployment practices into **CI/CD pipelines** to support rapid, compliant identity changes. + Define security guardrails and policy-as-code controls to secure pipeline-deployed infrastructure. **Identify Access Audit, Compliance, and Certifications** + Support access reviews, certifications, and internal/external audit activities. + Drive improvements in access governance and documentation. + Maintain compliance with regulatory and internal policies (SOX, GDPR, ISO 27001, etc.). You're a passionate leader focused on engagement as well as results, and you're not afraid to roll your sleeves up and dive into the code when necessary. As part of our team, you'll find exciting challenges, get opportunities to grow your career, and develop solid friendships as we design what's next for ADP and the industry. Pace should not scare you. We still find time for a healthy dose of fun. Like what you see? **Apply now!** **Learn more about ADP at jobs.adp.com.** **WHAT YOU'LL DO:** **Here's what you can expect on a typical day:** + You'll start each day with a scrum, working in a team to understand responsibilities, identify issues, and communicate coding priorities while choosing user stories to complete. You must know Agile well. + Your seven or more years of team leadership have delivered amazing results, and you pride yourself on developing the people who work for you, as well as providing an inclusive team environment where they all can thrive. If asked, they would follow you anywhere and enthusiastically credit you with helping to grow their careers. + Working in two-week sprints, you must keep up with timelines and coding standards. You'll be looking ahead to the next coding criteria to build technically sound and functional tools. + **Continuous Learning.** An eagerness to learn will help you keep up with ever-changing technologies and maintain the ability to create the best tools for our clients. You are comfortable and thrive in an autonomous role since that will be essential for your success. + You'll work with business leadership and project management to understand priorities and create automation accordingly. + You will present and defend your team's approach to leadership. There is no typical day as you partner and work with people across the development organization to turn ideas into reality. + You have 12+ years of experience in relevant skills gained and developed in the same or similar role. **TO SUCCEED IN THIS ROLE:** + Bachelor’s degree in Computer Science, Cybersecurity, or a related field; Master’s degree preferred, or equivalent. + **12+ years of experience in Identity & Access Management, including significant hands-on experience with Microsoft Active Directory and cloud identity platforms.** + 5+ years’ experience in managing technical teams. + Proven experience in managing: + On-prem and cloud-based AD environments (Azure AD, ADFS, AD DS) + Certificate life cycle management Tools., Example Microsoft CA, etc. + SIEM integrations (Splunk, Sentinel, etc.) + IAM automation with PowerShell, Python, Terraform, or similar. + **SAML, OAuth2, OIDC** + **Active Directory** , **Virtual Directory Services (VDS)** , **PKI** + Familiarity with Zero Trust architecture and modern IAM patterns (e.g., Conditional Access, MFA enforcement, SSO, SCIM). + Strong understanding of security frameworks (NIST, CIS Controls, ISO 27001) + Excellent communication skills and experience interacting with cross-functional teams, including HR, legal, audit, and business leaders. + Able to communicate effectively with both technical teams and senior leadership + Experience managing or mentoring a technical team in a leadership or supervisory role. + Program & Change Management + Strategic thinker with a hands-on technical approach + Strong leadership and mentoring capabilities + Passionate about automation, security, and operational excellence + Self-driven, organized, and comfortable operating in a hybrid, fast-paced environment + An analytical and security-driven mindset with an eye for operational detail. **Preferred Certifications:** + Microsoft Certified: Identity and Access Administrator Associate + Microsoft Certified: Identity and Access Administrator / Azure Solutions Architect + Certified Information Systems Security Professional ( **CISSP** ) + Certified Information Security Manager ( **CISM** ) + Certified Identity and Access Manager ( **CIAM** ) + Certified Cloud Security Professional (CCSP) + Certification or training in PKI / digital certificates + AWS or Azure Security Certified + Certified DevSecOps Professional or equivalent **YOU'LL LOVE WORKING HERE BECAUSE YOU CAN:** + **Have courageous team collaboration.** Courage comes from how associates are willing to have difficult conversations, speak up, be an owner, and challenge one another's ideas to net out the best solution. + **Deliver at epic scale.** We deliver real user outcomes using strong judgment and good instincts. We're obsessed with the art of achieving simplicity with a focus on client happiness and productivity. + **Be surrounded by curious learners.** We align ourselves with other smart people in an environment where we grow and elevate one another to the next level. We encourage our associates to listen, stay agile, and learn from mistakes. + **Act like an owner & doer.** Mission-driven and committed to leading change, you will be encouraged to take on any challenge and solve complex problems. No tasks are beneath or too great for us. We are hands-on and willing to master our craft. + **Give back to others.** Always do the right thing for our clients and our community and humbly give back to the community where we live and work. Support our associates in times of need through ADP's Philanthropic Foundation. + **Join a company committed to equality and equity.** Our goal is to impact lasting change through our actions. What are you waiting for? **Apply today!** Find out why people come to ADP and why they stay: https://youtu.be/ODb8lxBrxrY (ADA version: https://youtu.be/IQjUCA8SOoA ) \#LI-CZ1 \#LI-Hybrid Base salary offers for this position may vary based on factors such as location, skills, and relevant experience. Some positions may include additional compensation in the form of bonus, equity or commissions. We offer the following benefits: Medical, Dental, Vision, Life Insurance, Matched Retirement Savings, Wellness Program, Short-and Long-Term Disability, Charitable Contribution Match, Holidays, Personal Days & Vacation, Paid Volunteer Time Off, and more. The compensation for this role is USD $126,800.00 - USD $339,660.00 / Year* *Actual compensation will not be less than the applicable minimum wage or minimum exempt salary requirement under federal, state and local laws. **A little about ADP:** We are a comprehensive global provider of cloud-based human capital management (HCM) solutions that unite HR, payroll, talent, time, tax and benefits administration and a leader in business outsourcing services, analytics, and compliance expertise. We believe our people make all the difference in cultivating a down-to-earth culture that embraces our core values, welcomes ideas, encourages innovation, and values belonging. We've received recognition for our work by many esteemed organizations, learn more at ADP Awards and Recognition (https://www.adp.com/about-adp/awards-and-recognition.aspx) . **Diversity, Equity, Inclusion & Equal Employment Opportunity at ADP:** ADP is committed to an inclusive, diverse and equitable workplace, and is further committed to providing equal employment opportunities regardless of any protected characteristic including: race, color, genetic information, creed, national origin, religion, sex, affectional or sexual orientation, gender identity or expression, lawful alien status, ancestry, age, marital status, protected veteran status or disability. Hiring decisions are based upon ADP’s operating needs, and applicant merit including, but not limited to, qualifications, experience, ability, availability, cooperation, and job performance. **Ethics at ADP:** ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws. We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace. Click https://jobs.adp.com/life-at-adp/ to learn more about ADP’s culture and our full set of values.