Senior Director, Active Directory

ADP is hiring a Senior Director, Active Directory

Locations:
Roseland, NJ or Alpharetta, GA

• Are you empathetic to client needs and inspired by transformation and impacting the lives of millions of people every day?
• Are you an inspiring leader who people have followed and worked for over and over again?
• Are you looking to join a dynamic, inclusive team environment with a culture of collaboration and belonging?

Well, this may be the role for you. Ready to design what's next?

In this role you will lead the development, protection, and modernization of our on-premises and cloud-based identity infrastructure. You will oversee strategic initiatives such as Active Directory (AD) consolidation, certificate lifecycle management, and cloud identity integration, while ensuring the team’s alignment with security best practices and automation-first principles. You will be responsible for securing identity platforms, reducing the organization’s technical attack surface, managing hybrid cloud identity systems, and driving innovation through automation, scripting, and modern Dev Sec Ops  practices.

A deep understanding of identity security architecture, Infrastructure as Code (IaC), and end-to-end certificate management is essential.

• Lead and mentor a high-performing team managing active directory and identity infrastructure across on-premises and cloud environments.
• Define and execute the roadmap for identity management, directory services, and certificate services across hybrid infrastructure.
• Align IAM and directory strategies with organizational security policies, compliance requirements, and business continuity goals.
• Design and enforce Active Directory Tiering, segmentation, and hardening standards.
• Lead domain consolidation, forest restructuring, and trust design initiatives.
• Define and execute the roadmap to move to cloud and SaaS capabilities.
• Define, implement, and operate the use and impact of GenAI within IAM landscape along with use of GenAI in the ecosystem.

• Oversee the operation, consolidation, and security of Microsoft Active Directory (AD), in conjunction with the Azure AD (Entra ) Team
• You will ensure that access to enterprise resources is both secure and seamless , across multiple devices and environments, leveraging technologies such as Microsoft Entra  (Azure AD) for SSO and MFA , and supporting advanced authentication methods like passwordless, adaptive, and device-based authentication , along with the management of Active Directory, Virtual Directory Services (VDS), PKI , and API security .
• Govern identity lifecycle processes, group policy management, and role-based access controls.
• Manage identity federation and SSO integrations using Entra , SAML, OAuth2, and OIDC.
• Implement and maintain MFA and adaptive authentication based on risk, device, and location signals.
• Deploy and manage password less authentication solutions (FIDO2, biometrics, certificates).

• Manage and secure identity services across both on-premises data centers and public cloud platforms (Azure, AWS, and possible OCI or GCP).
• Integrate cloud-native identity tools and federated authentication mechanisms with enterprise AD.
• Develop and maintain hybrid identity synchronization strategies (e.g., Azure AD Connect, ADFS).

• Own the Public Key Infrastructure (PKI) , including root and issuing CA management.
• Manage the full certificate lifecycle for internal needs , including issuance, renewal, rotation, and revocation.
• Administer and secure Hardware Security Modules (HSMs) for cryptographic key protection.

• Collaborate with the SOC to integrate directory-related logs and alerts into the Security Information and Event Management (SIEM) systems.
• Respond to and lead investigations involving identity compromise, privilege escalation, and misconfiguration.
• Implement privileged access management (PAM) and just-in-time access controls.

• Drive adoption of Infrastructure as Code (IaC) for identity infrastructure using tools like Terraform or Ansible.
• Automate identity…