Enterprise Identity Engineer Job Spring area,Texas USA,IT/Tech

We are seeking a highly skilled Enterprise Identity Engineer to manage, support, and secure enterprise identity infrastructure.
This role is responsible for the administration, reliability, and security of Active Directory and related identity services that underpin critical business systems.
The position includes Tier 0 / Enterprise Administrator access, requiring the highest levels of trust, security awareness, and technical expertise.
Due to the elevated cybersecurity risk associated with this role, candidates must be willing to successfully complete an enhanced background check as a condition of assignment.
This is an onsite role based in Spring, TX, supporting a large‑scale enterprise environment and participating in an on‑call rotation for identity and security services.

Responsibilities

Administer, maintain, and secure Active Directory (AD) environments, including domain controllers, replication, DNS, and security hardening.
Manage Active Directory Certificate Services (ADCS) and enterprise Public Key Infrastructure (PKI), including certificate lifecycle management.
Support and maintain Active Directory Federation Services (ADFS) and integrations with internal and external identity providers.
Implement and manage Azure Information Protection (AIP) to support enterprise data security and classification initiatives.
Configure and manage Hardware Security Modules (HSMs) for cryptographic key protection and secure operations.
Design, implement, and enforce Group Policy Objects (GPOs) to meet security, compliance, and operational standards.
Ensure secure authentication and authorization through deep expertise in Kerberos, Service Principal Names (SPNs), and keytab management.
Utilize Quest tools (Change Auditor, RMAD, GPOAdmin) for auditing, monitoring, disaster recovery, and policy governance.
Deploy and manage cloud infrastructure in AWS, leveraging Terraform and Infrastructure‑as‑Code (IaC) practices for automation and consistency.
Develop and maintain Power Shell automation scripts for operational efficiency, reporting, and security controls.
Partner with cybersecurity and compliance teams to ensure adherence to enterprise security standards and best practices.
Participate in an on‑call rotation to support critical identity and security services and resolve high‑severity incidents.
Work as part of an Agile team, participating in ceremonies and collaborating with application developers, business stakeholders, and infrastructure teams.

Required Qualifications

Strong experience administering Active Directory in complex, enterprise‑scale environments.
Hands‑on expertise with ADCS, PKI, and certificate lifecycle management.
Advanced experience managing and troubleshooting Group Policy Objects (GPOs).
Proficiency in Power Shell scripting for automation, auditing, and reporting.
Experience with Terraform and Infrastructure‑as‑Code concepts.
Familiarity with AWS infrastructure and cloud‑based identity integrations.
Experience using Quest Change Auditor, RMAD, and GPOAdmin.
Solid understanding of enterprise security principles, especially those related to privileged access and identity protection.
Ability to meet requirements for enhanced background screening due to Tier 0 access.

Preferred Qualifications

Experience with Azure Information Protection (AIP) or Microsoft security and identity services.
Knowledge of HSM configuration and cryptographic key management.
Experience supporting identity platforms in regulated or high‑security environments.
Prior work in large enterprises or oil & gas‑scale environments.

#J-18808-Ljbffr