Talent.com
This job offer is not available in your country.
IDAM Active Directory Senior Administrator

IDAM Active Directory Senior Administrator

ConfidentialHyderabad / Secunderabad, Telangana
30+ days ago
Job description

POSITION RESPONSIBILITIES

  • Maintain, configure, and operate the Active Directory platform and related integrations, focusing on hands-on implementation and technical engineering across all domains, including corporate and OT environments.
  • Monitor and ensure the performance, scalability, and security of all in-scope platforms, collaborating with a team to manage day-to-day tasks while stepping in directly to address critical issues or escalations as needed.
  • Monitor and optimize system performance, ensuring maximum uptime, scalability, and security of IDAM and Directory services.
  • Provide Level 2 (L2) and Level 3 (L3) support for directory-related issues, troubleshooting complex problems and delivering timely, high-quality user experiences.
  • Participate in shift rotations to deliver 16x5 operations for IDAM services and provide off-hours escalation support for high-priority incidents (P1, P2).
  • Plan, execute, and supervise installations, maintenance, and configuration changes across in-scope IDAM systems and services, utilizing coding and engineering expertise for efficient implementation.
  • Drive adherence to global IDAM policies and processes, ensuring secure and efficient access to Zoetis information systems for all users.
  • Lead, mentor, and develop a team of L2 and L3 administrators, analysts, and engineers, fostering professional growth while driving operational excellence and efficiency across all IDAM functions.
  • Ensure close collaboration between the ZICC IDAM team and Service Desk, Site Services, and Security Operations teams to enhance IAM support processes and optimize cross-team workflows.
  • Act as a hands-on technical subject matter expert, providing detailed coding, configuration, and engineering guidance for relevant IDAM programs and initiatives.
  • Ensure compliance with global IDAM policies, processes, and regulatory requirements, delivering secure and efficient access to Zoetis information systems for all users. (100%)

ORGANIZATIONAL RELATIONSHIPS

  • Reports to ZICC Directory & Authentication Technology Lead, with a dotted line to US-based Head of IDAM and IDAM Operations & Directory Services Leads.
  • Part of the global Technology Risk Management organization, reporting to the Chief Information Security Officer (CISO).
  • Collaborates regularly with ZTD application, business partner, and infrastructure teams.
  • Interacts with external vendors or partners providing software, services, or APIs that require integration with IDAM systems, including establishing requirements, negotiating contracts, and facilitating technical integration.
  • Collaborates with implementation partners responsible for deploying, configuring, or maintaining integrated solutions within Zoetis' IT landscape.

    • EDUCATION AND EXPERIENCE

    Education :

  • University Degree in Computer Science or Information Systems is required.
  • MS or advanced security / identity courses or other applicable certifications is desirable, including :
  • Certified Information Systems Security Professional (CISSP).

    • Experience :

  • Minimum 6+ years of experience in Information Systems.
  • 4+ years of detailed, hands-on experience with IDAM, especially AD, SSO, PKI, MFA.
  • 2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health.
  • Experience working with global teams across multiple time zones.
  • Proven experience in managing medium to large-scale, global IT projects.
  • Demonstrated ability to work within diverse technical teams.
  • Proven experience in leading technical teams and managing end-to-end solution delivery.
  • Strong experience collaborating with Managed Service Providers (MSPs), focusing on ensuring quality and alignment.

    • TECHNICAL SKILLS REQUIREMENTS

    This is a detailed, hands-on technical role. The ideal candidate will demonstrate proficiency in these areas and provide leadership with respect to specific technologies :

    Enterprise & Cloud Directories :

  • In-depth expertise in Microsoft Active Directory (AD) management , including trust relationships and replication.
  • Synchronization between EntraID and other systems using EntraID Connect .
  • Expertise with AD support tools such as Quest Active Roles Server (ARS), Change Auditor , and Recovery Manager .
  • Proficiency in PowerShell scripting for automation, troubleshooting, and administrative tasks.
  • Strong understanding of Organizational Units (OUs), Group Policies, software distribution, and Group Management , including dynamic groups, nested group structures, and permissions management.
  • Experience implementing and securing password policy and self-service password reset solutions and deploying passwordless authentication methods to enhance security and user convenience.
  • Strong understanding of OT domains and their integration with directory services.
  • Understanding of Microsoft EntraID (formerly Azure AD), including Conditional Access Policies, Modern Authentication, Single Sign-On (SSO), and B2B trusts .
  • Strong understanding of messaging and mobile device management principles and technologies to ensure seamless integration with directory services.
  • Experience with Linux authentication and integration with directory services is highly desirable.

    • Multi-Factor Authentication (MFA), Public Key Infrastructure (PKI), Digital Certificates & Encryption :

  • Expertise in Microsoft Certificate Authority and domain controller encryption.
  • Experience with MFA solutions such as SafeNet MobilePass or similar platforms.

    • Disaster Recovery :

  • Experience with disaster recovery processes from a directory services perspective, ensuring business continuity during outages.

    • Application Hosting & Privileged Access Management (PAM) :

  • Strong understanding of on-premise and IaaS application hosting activities, especially in Azure environments .
  • Proficiency in PAM integration with directory services , including password vaulting, rotation, and Just-in-Time Access (JITA) .

    • End-User and Technology Team Support :

  • Experience providing or supervising Level 2 (L2) and Level 3 (L3) support for identity and authentication issues for both end users and technology teams.
  • Knowledge of troubleshooting authentication failures and collaborating with application teams to resolve availability issues.
  • Familiarity with incident response and root cause analysis for authentication service outages, identity synchronization issues, and cybersecurity events.
  • Experience working with Service Desk, Site Services, and Security Operations teams to enhance IAM support processes.

    • Desirable Skills & Additional Expertise :

  • Privileged Access Management (PAM) : Experience with tools like Delinea Secret Server and Netwrix for JITA is highly desirable.
  • Identity Governance & Administration (IGA) : Knowledge of SailPoint IdentityIQ for Identity Lifecycle, Access Request & Recertification, and User Provisioning / Deprovisioning is a plus.
  • Microsoft Power Apps : Experience building or customizing forms and applications to enhance identity-related workflows is advantageous.
  • Database & Data Analytics : Experience with SQL, Alteryx, and data warehousing concepts to streamline workflows and troubleshoot data-related issues is a plus.

    • Language Proficiency :

  • Must be fluent in both written and spoken English , with the ability to clearly communicate across technical and non-technical audiences.

    • PHYSICAL POSITION REQUIREMENTS

  • Availability to work between 1pm IST to 10pm IST hours (minimum 3 hours of daily overlap with US ET Time zone).

    • Skills Required

    Active Directory Administration, L2, L3, Idam

    Create a job alert for this search

    Active Directory • Hyderabad / Secunderabad, Telangana