About this role
We are looking for a Directory Services engineering lead who will be responsible for designing and building Active Directory, Azure AD (Entra ID), Active Directory Federation Services, Conditional Access, Public Key Infrastructure and OIDC/SAML based authentication systems.
The ideal candidate will have a strong background in systems engineering, a proven track record of maintaining high availability and performance, familiarity with NIST cybersecurity standards, and experience in managing systems & licensing.
Responsibilities:
- Technical lead for team of 4 Directory Services engineers
- Design, build, and maintain Directory Services environments across various hosting platforms both on-prem and in cloud (Azure and AWS), ensuring system reliability, efficiency, and compliance with security standards
- Design and manage multiple Active Directory forests and domains as well as Azure AD (Entra ID) across multiple tenants
- Execute integrations of new domains arising from M&A activity
- Implement and manage OIDC / SAML auth for systems and application access with SSO
- Assist in migration of PKI from Windows CA to KeyFactor
- Maintain and enhance the CyberArk password vault infrastructure
- Develop and maintain documentation related to various Directory Services configurations, processes, and service records
- Collaborate with IT security teams to establish and maintain security baselines, respond to security incidents, and ensure compliance with NIST cybersecurity standards
- Develop and execute PowerShell scripts for automation of tasks, system management, and troubleshooting
- Manage relevant licensing for Directory Services systems, ensuring compliance with legal and contractual obligations
- Experience with infrastructure as code using Terraform and Azure DevOps
Qualifications:
- Bachelor’s degree in Computer Science, Information Technology, or related field
- Minimum of 5 years of experience in Directory Services administration and engineering
- Strong experience with Active Directory, Azure AD (Entra ID), ADFS, Group Policy, OIDC / SAML and PKI technologies
- Proficiency in using Azure DevOps, Splunk, Okta, and PowerShell for system management
- Knowledge of ITIL practices, experience in inventory management, familiarity with NIST cybersecurity standards, and experience in managing system licensing
- Experience with continuous integration and deployment pipelines using Azure Pipelines and Terraform
- Excellent problem-solving skills and the ability to work in a fast-paced environment
- Strong communication and collaboration skills
Our benefits
To help you stay energized, engaged and inspired, we offer a wide range of benefits including a strong retirement plan, tuition reimbursement, comprehensive healthcare, support for working parents and Flexible Time Off (FTO) so you can relax, recharge and be there for the people you care about.
Our hybrid work model
BlackRock’s hybrid work model is designed to enable a culture of collaboration and apprenticeship that enriches the experience of our employees, while supporting flexibility for all. Employees are currently required to work at least 4 days in the office per week, with the flexibility to work from home 1 day a week. Some business groups may require more time in the office due to their roles and responsibilities. We remain focused on increasing the impactful moments that arise when we work together in person – aligned with our commitment to performance and innovation. As a new joiner, you can count on this hybrid model to accelerate your learning and onboarding experience here at BlackRock.
About BlackRock
At BlackRock, we are all connected by one mission: to help more and more people experience financial well-being. Our clients, and the people they serve, are saving for retirement, paying for their children’s educations, buying homes and starting businesses. Their investments also help to strengthen the global economy: support businesses small and large; finance infrastructure projects that connect and power cities; and facilitate innovations that drive progress.
This mission would not be possible without our smartest investment – the one we make in our employees. It’s why we’re dedicated to creating an environment where our colleagues feel welcomed, valued and supported with networks, benefits and development opportunities to help them thrive.
For additional information on BlackRock, please visit @blackrock | Twitter: @blackrock | LinkedIn: www.linkedin.com/company/blackrock
BlackRock is proud to be an equal opportunity workplace. We are committed to equal employment opportunity to all applicants and existing employees, and we evaluate qualified applicants without regard to race, creed, color, national origin, sex (including pregnancy and gender identity/expression), sexual orientation, age, ancestry, physical or mental disability, marital status, political affiliation, religion, citizenship status, genetic information, veteran status, or any other basis protected under applicable federal, state, or local law. View the EEOC’s Know Your Rights poster and its supplement and the pay transparency statement.
BlackRock is committed to full inclusion of all qualified individuals and to providing reasonable accommodations or job modifications for individuals with disabilities. If reasonable accommodation/adjustments are needed throughout the employment process, please email [email protected]. All requests are treated in line with our privacy policy.
BlackRock will consider for employment qualified applicants with arrest or conviction records in a manner consistent with the requirements of the law, including any applicable fair chance law.
Skills Required
- Bachelor's degree in Computer Science, Information Technology, or related field.
- Minimum of 5 years of experience in Directory Services administration and engineering.
- Strong experience with Active Directory, Azure AD (Entra ID), ADFS, and Group Policy.
- Experience designing and managing multiple Active Directory forests, domains, and Azure AD across multiple tenants.
- Experience implementing OIDC / SAML authentication and SSO for systems and applications.
- Experience with PKI technologies and assisting migration from Windows CA to KeyFactor.
- Experience maintaining and enhancing CyberArk password vault infrastructure.
- Proficiency in PowerShell for automation, system management, and troubleshooting.
- Experience with infrastructure as code using Terraform and CI/CD with Azure DevOps / Azure Pipelines.
- Proficiency with Azure DevOps, Splunk, and Okta for system management and monitoring.
- Knowledge of ITIL practices, inventory management, and familiarity with NIST cybersecurity standards.
- Experience managing system licensing and ensuring compliance with legal/contractual obligations.
- Experience executing integrations of new domains arising from M&A activity.
- Excellent problem-solving skills and ability to work in a fast-paced environment.
- Strong communication and collaboration skills; experience leading a technical team.
- Experience working across on-prem and cloud platforms (Azure and AWS).
What We Do
As the world’s largest asset manager, BlackRock partners with investors around the globe to help them (and those on whose behalf they invest) plan for life’s most important goals – like retirement, home ownership and their children’s education. Our clients range from governments, foundations and other large institutions to those investing on behalf of individuals, including firefighters, nurses, teachers and factory workers. BlackRock was founded with the idea of creating a better asset management firm — one that was purpose-driven, focused on clients and risk management, and propelled by data and technology. Our breakthrough Aladdin® platform is BlackRock’s technological backbone, helping investors see and manage their whole portfolios in one place – from constructing investments to monitoring risk and executing trades. Used by hundreds of external institutions around the world, Aladdin combines powerful analytics and a common language to help investment teams make faster, more informed decisions across public and private markets. It’s a key part of our business and one of the reasons we’re trusted to manage more assets than any other investment manager today. At BlackRock, we challenge conventions and raise the bar for what’s possible. We harness technology to unlock new solutions, simplify complexity, and deliver investment strategies that meet people where they are. Whether it’s retirement planning, wealth building or navigating market shifts, we’re here to help clients invest more easily, more affordably and with more choice as we chart a path toward financial well-being together. Learn more: Careers.BlackRock.com
Why Work With Us
Without our people, technology is irrelevant. When we combine the power of people with the power of technology, we amplify our ability to create better outcomes for our employees, clients, shareholders and society alike.
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
BlackRock has 25,000 employees across more than 100 offices in over 40 countries around the world.






