Overview
PepsiCo is seeking a seasoned Active Directory and Entra ID (Azure AD) expert to drive the future of enterprise directory services within our global Identity and Access Management (IAM) organization. This role will lead architecture, design, deployment, and operational excellence for both on-premises and cloud-based directory environments. You will also focus on improving automation, enhancing security, and driving compliance through advanced engineering and collaboration with security and application teams.
Responsibilities
- Serve as a subject matter expert for Active Directory and Entra ID (Azure AD) architecture and implementation along with AWS & GCP Integrations.
- Lead design and engineering efforts to automate directory and identity services, ensuring scalability, performance, and compliance.
- Develop and execute the strategic roadmap for Directory Services, aligned with organizational goals and cybersecurity standards.
- Collaborate with architects, developers, cybersecurity teams, and infrastructure engineers to align IAM strategy across platforms.
- Support identity governance, security model design, and application integration across hybrid cloud environments.
- Ensure regulatory compliance (e.g., SOX) and adherence to Zero Trust principles.
- Troubleshoot complex technical issues and lead resolution efforts for critical incidents.
- Create and maintain comprehensive documentation for systems architecture, processes, and configurations.
- Deliver training, workshops, and knowledge transfers to internal and external stakeholders.
- Support Agile/DevOps practices and CI/CD pipeline integration for directory services automation.
- Lead efforts in disaster recovery, performance tuning, capacity planning, and operational excellence.
- Build and manage PKI solutions including CA, HSM, and certificate lifecycle management (EKCLM).
Qualifications
Education:
- Bachelor's degree in computer science, engineering, or a related field, OR equivalent related work experience.
Required Experience:
- 10+ years of overall IT experience, with strong emphasis in Identity and Security domains.
- 7+ years of hands-on engineering/design experience with Active Directory.
- 6+ years managing and supporting Azure Active Directory / Entra ID environments.
- 5+ years of experience designing and managing PKI environments including CA, HSM, and certificate services.
- 3+ experience working with AWS and/or GCP identity management.
- Proven experience with building hybrid identity models and application integration with Azure AD.
Technical skills:
- Deep expertise in AD/Entra ID infrastructure, including:
- Domain controller deployment
- GPO design and management
- AD security hardening, replication, and auditing
- LDAP and Azure AD/Entra ID architecture
- Strong scripting knowledge (PowerShell, VBScript)
- Familiarity with Zero Trust frameworks and passwordless authentication
- Knowledge of compliance frameworks and security best practices (e.g., SOX, NIST)
- Experience implementing and managing Public Key Infrastructure (PKI) and related components
Mandatory non-technical skills:
- Strong written and verbal communication skills
- Self-starter with ability to work independently and deliver under pressure
- Analytical thinker with strategic mindset and problem-solving capabilities
- Able to simplify complex technical concepts for diverse stakeholders
- Agile, adaptable, and comfortable working in fast-paced environments
- Passion for innovation and continuous improvement