At CVS Health, we’re building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.
As the nation’s leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues – caring for people where, when and how they choose in a way that is uniquely more connected, more convenient and more compassionate. And we do it all with heart, each and every day.
As the Principal AD Architect on our team, you will work in a large enterprise, multi-domain Active Directory environment. You will lead the design, implementation, and evolution of our enterprise Active Directory infrastructure. You’ll be responsible for ensuring secure, scalable, and highly available identity and access management solutions that align with organizational goals. This role involves collaborating across IT and security teams to drive modernization efforts, integrate cloud and hybrid environments, and establish governance and best practices for directory services.
You will need to have an expert knowledge and highly proficient skills in administrations of Active Directory, Azure, and Azure AD environments. You will also collaborate with other IT support teams and project teams.
We are looking for a colleague with expert knowledge of Windows operating systems along with experience using monitoring tools like Splunk and Microsoft Operations Center for operational support.

REQUIRED QUALIFICATIONS:

• 10+ years of experience in designing, implementing, and managing enterprise-scale multi-domain Active Directory
• 10+ years of experience in AD DS, Group Policy, DNS, DHCP, and related identity services
• 10+ years of experience administering Azure and Azure AD
• 10+ years of experience with monitoring tools like Splunk and Microsoft Operations Center
• 10+ years of AD risk analysis with emphasis on PCI/SOC/PII/PHI auditing and remediation
• 5+ years of experience in scripting and automation using PowerShell, Bash, Python, etc.

PREFERRED QUALIFICATIONS:

• Strong understanding of Active Directory security including best practices, privileged access management, AD hardening, delegated access, GPO, and troubleshooting
• Strong understanding of authentication protocols (Kerberos, NTLM, SAML, OAuth, etc.) and identity governance
• Experience with AD migrations, consolidations, and domain restructuring in complex environments
• Strong understanding of vulnerability management and security baseline tools
• Excellent communication and leadership skills, with the ability to influence technical direction across teams
• Excellent communication and leadership skills, with the ability to influence technical direction across teams
• Strong independent analytical and troubleshooting skills, with the ability to diagnose complex issues across Active Directory and related systems, and drive resolution with minimal supervision
• Relevant certifications such as Microsoft Certified: Identity and Access Administrator Associate or equivalent

EDUCATION:

• Bachelor’s degree or equivalent experience (High School Diploma and 4 years relevant experience)

Please refer the Job description for details