The Sr. Systems Engineer provides technical expertise related to design, management, and security of identity infrastructures across our retail enterprise. This role is responsible for ensuring strong authentication, access control, and threat mitigation strategies to protect retail operations, corporate environments, customer-facing applications and cloud environments. Additionally, the role will assist in the design and rollout of new technologies in the environment.

Essential Functions:

· Active Directory Architecture & Administration: Design, configure, and maintain Active Directory (AD), Azure AD, and hybrid identity environments

· Access Security & Authentication: Multi-Factor Authentication (MFA), Conditional Access, and Single Sign-On (SSO) policies

· Identity Protection & Threat Mitigation: Implementation and support of Privileged Access Management (PAM), and Just-In-Time (JIT) access

· Zero Trust & Least Privilege Principles: Strengthen Role-Based Access Control (RBAC), segmentation, and security posture across retail stores and corporate IT

· Group Policy Management: Define and enforce GPO policies for authentication, user access, and device security and configuration

· Privileged Identity Management (PIM): Implement and monitor privileged access restrictions for IT administrators and retail executives

· Retail-Specific Security Protocols: Ensure secure access to POS systems, inventory management, and internal corporate applications

· Identity Synchronization & Security Compliance: Manage Azure AD Connect, SAML, OAuth, aligning with PCI DSS, GDPR, and other regulatory requirements

· PowerShell Automation: Develop automation script to support user and device provisioning, access reviews, and policy enforcement

· Documentation and knowledge transfer to operations and support personnel

Education / Experience Requirements:

Position Contribution Level :

Minimum Education & Experience:

• College or university degree in Computer Science or any equivalent.

• 10+ years of experience in supporting production systems, fixing incidents.

Knowledge / Skills Requirements:

• Strong expertise in Active Directory, Azure AD, and hybrid identity security • Strong Experience with Office 365 services • Knowledge of Microsoft Entra ID, PAM, and privileged access solutions • Experience with RBAC, and compliance-driven identity security • Familiarity with PCI DSS, GDPR, and retail IT security best practices • Proficiency in PowerShell scripting • Experience with other technologies such as VMWare, Hyper-V, Server Infrastructure • Ability to learn new applications quickly, and support them in production

• Ability to think on both broad and detailed levels

• Excellent analytical abilities. Demonstrated problem solving skills in complex system environment

• Strong verbal, written and communication and presentation skills

• Should be a team player, with ability to work in a highly collaborative environment

Physical Requirements:

• Requires sitting at a desk for long periods of time

Reporting Relationships:

Supervisor :

Manager, IT

Disclaimer: For reasonable accommodation information for an ADAAA qualified disability please see Belk Associate Handbook for policy and procedures.

#LI-CM1

#IND3

#LI-HYBRID