Job ID: JOB_ID_9230
Job Summary:
The Principal Information Security Engineer (Lead position) is responsible for leading large-scale, medium- to high-complexity identity and directory security initiatives. This role plays a critical part in designing, engineering, hardening, and operating enterprise identity services to meet corporate security objectives. The engineer serves as a trusted advisor to multiple identity engineering teams, business partners, and application owners, driving the secure adoption, consolidation, and modernization of identity platforms across on-premises and cloud environments. This position is a key contributor to enterprise security strategy, particularly in securing, consolidating, and simplifying identity and access infrastructures resulting from mergers and acquisitions. The role combines deep technical expertise with leadership, governance, and strategic influence across the organization.
Required Experience & Expertise:
- 15+ years of experience in identity infrastructure engineering with a strong focus on security.
- 8+ years of experience in performance management, tuning, and reliability of identity and directory services.
- 6+ years of experience with server hardware and virtualization platforms, including VMware ESX and Hyper-V.
- Advanced scripting and automation skills using PowerShell, with additional experience in VB and Batch scripting.
- Strong hands-on experience with enterprise monitoring, configuration, and security tooling, including:
  - System Center Operations Manager (SCOM)
  - Microsoft Endpoint Configuration Manager (SCCM/MECM)
  - Quest InTrust, Change Auditor, Enterprise Reporter, GPO Admin, and Recovery Manager for AD (RMAD)
  - BloodHound Enterprise
  - Microsoft Risk Assessment Program (RAP)
- Deep understanding of identity-related security domains, including authentication, authorization, privilege management, and directory security.
- Working knowledge of firewall engineering, networking, subnetting, and DNS as they relate to secure identity services.
Key Responsibilities:
- Lead and contribute to large-scale enterprise identity and information security initiatives involving directory services and authentication platforms.
- Design, implement, and operate secure identity infrastructure aligned with corporate and regulatory security standards.
- Act as a principal advisor to identity engineering teams and business owners on security posture, risk reduction, and best practices.
- Drive security hardening, threat detection, and continuous improvement of identity systems through engineering and operational excellence.
- Lead and participate in tactical and strategic initiatives related to identity consolidation, modernization, and cloud migration.
- Serve as a subject-matter expert supporting mergers and acquisitions by securing and integrating disparate identity environments.
- Investigate unusual or suspicious identity-related activity and support audit reviews, security investigations, and compliance assessments.
- Develop and maintain high-quality technical documentation, standards, and operational procedures.
- Provide technical leadership to small teams or workstreams to achieve defined security objectives.
- Participate in 24×7 on-call rotation and provide guidance during security incidents impacting identity services.
- Monitor performance, resilience, and stability of directory and identity platforms, proactively addressing risks and inefficiencies.
Operational & Engineering Duties:
- Architect, engineer, and operationally manage multiple enterprise identity and directory environments.
- Review, analyze, and remediate security, performance, and reliability issues identified through monitoring and assessment tools.
- Partner with business and application teams to remediate identity-related security vulnerabilities and reduce attack surfaces.
- Leverage security assessment and scanning tools to maintain compliance with published baseline security standards.
- Guide application teams in securely integrating with enterprise identity platforms and migrating to core or cloud-based identity services.
- Support the strategic consolidation of identity environments to reduce complexity and improve security posture.
Special Requirements
Remote position. Long-term contract. Participation in 24×7 on-call rotation is required.
Compensation & Location
Salary: $150,000 – $200,000 per year (Estimated)
Location: Remote
Recruiter / Company – Contact Information
Email: y.r@itechus.net