Lead Enterprise-scale Active Directory, EntraID, Infrastructure Operations

FIS

Lead enterprise-scale Active Directory, EntraID, and infrastructure operations at FIS. Ensure system compliance, reliability, and security across a global environment.

Posted 5/5/2026full-timeNew York City • Florida, New York, Wisconsin • 🇺🇸 United StatesSenior💰 $108,040 - $183,680 per yearWebsite

Tech Stack

Tools & technologies

Azure

About the role

Key responsibilities & impact

Maintain and continuously enhance the enterprise Domain Controller (DC) standards, ensuring annual review and alignment across all new and existing deployments.
Oversee DC lifecycle governance, including secure builds, system hardening, vulnerability remediation, redundancy, and resiliency.
Ensure quarterly PCI compliance for all DCs by addressing and resolving findings from automated security scans.
Lead governance and administration of domain-wide and DC-specific Group Policy Objects (GPOs), including facilitation of weekly GPO review forums.
Manage certificate configurations for DCs and enforce secure RDP/WinRM settings through Group Policy; collaborate with the PKI team to drive automation initiatives.
Deploy and support enterprise identity and security solutions such as Entra Password Protection, Password Policy Enforcer, ActiveRoles, and StrongDM.
Lead Active Directory (AD) hygiene efforts, including OU structure governance and recurring review sessions.
Create and manage Azure applications, Conditional Access policies, subscriptions, and management group structures.
Administer and optimize Intune workstation policies to support a secure and consistent end-user environment.
Contribute to the planning, design, and testing of the native Azure workstation migration strategy.
Govern and maintain the enterprise browser site list.
Support annual risk assessments and internal AD audits, delivering required evidence and driving remediation of identified findings.
Maintain and track compliance activities within Archer, including risk acceptance and remediation management.
Utilize QRadar logs and queries to support investigations, incident response, and operational troubleshooting.
Host weekly Weekend Changes meetings and serve as the escalation point for Directory Services-related incidents.
Act as a subject matter expert for Directory Services across strategic projects, proof-of-concepts, and cross-functional technical engagements.

Requirements

What you’ll need

Over 7 years of experience leading systems engineering and infrastructure operations
Advanced expertise in Active Directory, Group Policy, certificates, and domain controller architecture
Strong proficiency in Entra ID, Azure Compute and Identity & Security
Proven experience with implementing and supporting compliance frameworks such as PCI and CIS
Extensive PowerShell capabilities for enterprise-scale troubleshooting, auditing, and automation
Working knowledge on SIEM platforms like QRadar, to support security monitoring and incident response
Hands-on experience with Intune and large-scale enterprise workstation management
Effective communicator with demonstrated leadership skills across cross-functional technical teams

Benefits

Comp & perks

Flexible and creative work environment
Diverse and collaborative atmosphere
Professional and personal development resources
Opportunities to volunteer and support charities
Competitive salary and benefits

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Active DirectoryGroup Policycertificatesdomain controller architectureEntra IDAzure ComputePowerShellIntunePCI complianceCIS compliance

Soft Skills

effective communicatorleadership skills