Lead, Infrastructure Security Engineer - Active Directory and ADFS

Job Overview

Lead Infrastructure Security Engineer – Workforce Identity Management team. Partner with product owners, tech leads, and security stakeholders to improve Prudential’s identity and access management platform and ensure compliance with Information Security Standards.

• Review and understand Information Security Standards and Engineering Specifications; create action plans to remediate out‑of‑compliance issues.
• Maintain product security throughout the lifecycle, integrating new security features and updates into existing products.
• Collaborate with the Information Security Office to complete security hardening on identity management platforms.
• Work with other engineering teams to maintain a secure and highly available environment.
• Coordinate patch and upgrade scheduling for identity management platform systems; ensure accurate operational data in the CMDB.
• Provide technical support to stakeholders and business applications teams.
• Leverage emerging technologies to advise and assist team members.
• Solve complex problems requiring evaluation of intangible variables.

• Bachelor’s degree in Computer Science or related field.
• Experience with security identity architectures and privileged access management.
• Audit and compliance engagements; ability to field PCI/SOX/Federal regulatory requirements and remedial action plans.
• Mentorship ability; leverage diverse ideas to benefit the organization.
• Agile development methodologies and Test‑Driven Development (TDD).
• Business concepts, tools, and processes for sound decision‑making in a business context.
• Continuous learning mindset and problem‑solving, communication, and collaboration skills.

• On‑Premises Microsoft Identity platform:
  • Active Directory Domain Services (ADDS) – troubleshooting, management, health and performance, trust relationships, security controls, GPO creation and management, replication topology, DNS, certificate management.
  • Active Directory Federation Services (ADFS) – troubleshooting, management, claims rules, relying party trusts, Web Application Proxy (WAP).
  • Authentication protocols: LDAP, Kerberos; SSO protocols: SAML, WS‑Federation.
  • Server administration – Windows Server operating system, Power Shell scripting and automation.
  • Cloud understanding – Microsoft Azure and EntraID.
• 10+ years focused on IAM technology and 6+ years in IT/Cybersecurity.
• 10+ years of ADand ADFS server maintenance and management.
• Bachelor’s degree or equivalent experience in computer science.
• Experience with after‑hours on‑call rotation.

• Technologies:
  Hyper‑V, Microsoft System Center (SCCM, SCVMM, SCOM, SCORH), Splunk, Service Now.
• Agile tools:
  Jira, Jira Align; documentation in Confluence.

• Salary range: $133,600 – $220,400 annually (geographically adjusted).
• Medical, dental, vision, life, and disability insurance.
• Paid Time Off (PTO) and leave including parental and military leave.
• 401(k) plan with up to 4% company match.
• Company‑funded pension plan.
• Wellness program up to $1,600 per year for wellbeing items.
• Work‑life resources covering parenting, housing, finances, legal matters, education, mental health, and career development.
• Education benefit for college or certificate programs.
• Employee Stock Purchase Plan at 85% of the lower of two prices.
• Discretionary annual incentive program eligibility.

Prudential Financial, Inc. of the United States is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender identity, genetics, disability, marital status, age, veteran status, domestic partner status, medical condition, or any other characteristic protected by law.