×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Senior Active Directory - Cloud Identity Specialist

Job in Boston, Suffolk County, Massachusetts, 02298, USA
Listing for: Koitecc Solutions
Full Time position
Listed on 2026-06-06
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Job Description

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Summary

We are seeking a Senior Directory Services analyst to modernize our enterprise identity platform across on‑prem Active Directory, LDAP's, and other cloud-based directories and stores. The role is focused on securing employee, partner, and application access in a highly-regulated financial services environment and will partner closely with security, infrastructure, and application teams. If you are passionate about identity security and thrive in high-stakes environments, this role offers the chance to make a measurable impact on the security posture of a global enterprise.

Key Responsibilities
  • Lead architecture, engineering, and operations for Active Directory forests, domains, and Group Policy in a multi-site, highly regulated environment.
  • Design and drive adoption of hybrid identity solutions integrating on‑prem and cloud-based services.
  • Implement and optimize authentication and authorization controls: SSO, MFA, Conditional Access, identity protection, and modern protocols (SAML, OAuth2, OIDC).
  • Define and enforce standards for identity lifecycle
    : joiner/mover/leaver processes, automated provisioning/deprovisioning, access reviews, and role-based access control (RBAC).
  • Partner with stakeholders and business teams to implement least-privilege, privileged access management (PAM), and Zero Trust-aligned identity controls.
  • Lead and support AD and identity-related projects
    : domain/forest consolidation, mergers/acquisitions, cloud migrations, and re-platforming.
  • Enhance monitoring, alerting, and reporting for directory and identity health, security posture, and compliance (audit trails, SOX, GLBA, PCI, etc.)
  • Develop and maintain scripts and automation (primarily Power Shell) to drive consistency, efficiency, and security in identity operations.
  • Serve as a senior SME and escalation point for complex identity incidents, outages, and security events.
  • Produce and maintain technical documentation
    , runbooks, standards, and architecture diagrams for AD and cloud identity services.
  • Mentor and guide junior engineers, analysts, and admins and contribute to identity and access strategy and roadmap.
Required Qualifications
  • 10+ years of hands‑on experience administering and engineering enterprise Active Directory in a large, multi‑site environment.
  • Strong expertise in: AD forest/domain design, trusts, DNS, Group Policy, replication, and AD security hardening.
  • 5+ years working with Azure AD/Entra  hybrid identity (synchronization, federation, ADFS or equivalent, cloud‑only and hybrid scenarios).
  • Deep understanding of identity and access management concepts: authentication, authorization, RBAC, least privilege, PAM, Zero Trust.
  • Strong experience with MFA, Conditional Access, SSO, and identity federation using SAML, OAuth2, and OpenID Connect.
  • Proficiency with Power Shell for automation, reporting, and bulk operations in AD and Azure AD.
  • Experience operating in regulated environments (preferably banking/financial services) with audit, risk, and compliance requirements.
  • Solid understanding of networking and security fundamentals (TCP/IP, firewalls, TLS, certificates, PKI as it relates to identity).
  • Excellent communication skills and ability to translate technical identity risks…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search