Infrastructure Architect - IAM

You know the moment. It’s the first notes of that song you love, the intro to your favorite movie, or simply the sound of someone you love saying “hello.” It’s in these moments that sound matters most. 

At Bose, we believe sound is the most powerful force on earth. We’ve dedicated ourselves to improving it for nearly 60 years. And we’re passionate down to our bones about making whatever you’re listening to a little more magical. 

The Information Technology team at Bose exists to deliver valuable and reliable business and technology solutions with an innovative, engaged, and collaborative team focused on contributing to our corporate vision.

Job Description

Job Summary:​We are seeking an experienced Active Directory (AD) and Office 365 Architect to lead the design, implementation, and management of our enterprise-level directory services and Office 365 infrastructure. The ideal candidate will be responsible for architecting and maintaining scalable, secure, and efficient solutions that meet the needs of the business, focusing on identity management, access control, and cloud-based collaboration.​ This role is crucial for ensuring the integrity, security, and efficiency of our organization’s directory and collaboration services. The candidate should be highly skilled in managing large, complex environments and comfortable leading critical projects in the cloud and on-prem environments.​Key Responsibilities:- ​ Design, implement, and maintain an enterprise-level Active Directory infrastructure, including managing forests, domains, trusts, and policies.- ​ Architect and oversee the integration of Office 365 services, including Exchange Online, SharePoint Online, OneDrive for Business, and Teams.- Expert-level knowledge and hands-on experience with Active Directory, including AD Federation Services (ADFS), Group Policy Management, AD replication, and troubleshooting complex AD issues- ​ Develop and manage identity and access management (IAM) strategies, with a focus on Single Sign-On (SSO), Multi-Factor Authentication (MFA), and federation services (e.g., Azure AD, ADFS).- ​ Plan and execute migrations, upgrades, and consolidation projects involving AD, O365, and related cloud services.- ​ Implement and enforce security policies and standards related to AD and O365, ensuring compliance with industry regulations and best practices.- ​ Collaborate with IT security, operations, and other technical teams to ensure high availability, reliability, and security of the AD and O365 environments.- ​ Troubleshoot and resolve complex issues related to directory services, authentication, and Office 365 services.- ​ Lead documentation and knowledge-sharing efforts, including creating runbooks, architectural diagrams, and training materials for support teams.​- Stay current with industry trends and emerging technologies related to directory services, cloud computing, and O365.  Must-Have Requirements​:- Proven experience in architecting, deploying, and managing enterprise Active Directory environments.- Expert knowledge of Office 365, particularly in managing Exchange Online, SharePoint, Teams, and OneDrive.- Strong understanding of identity management, including Azure Active Directory, ADFS, SSO, and MFA.- Hands-on experience with scripting languages like PowerShell for AD and Office 365 automation.- Experience with cloud integration and hybrid environments involving on-prem AD and Azure AD.- Deep understanding of security protocols and policies for AD and O365 environments, including RBAC, IAM, and privileged access management.- Excellent troubleshooting skills for both AD and O365 environments.- Familiarity with networking concepts, firewalls, and DNS related to AD and O365.- Excellent written and verbal communication skills, with the ability to present complex technical information to both technical and non-technical stakeholders.Good-to-Have Requirements​:- ​ Microsoft certifications, such as Azure Administrator, Microsoft 365 Certified: Enterprise Administrator Expert, or MCSE.- ​ Experience with third-party identity management tools such as Okta, Ping Identity, or SailPoint.- ​ Experience with hybrid cloud models, integrating on-premises infrastructure with cloud services.- ​ Knowledge of compliance frameworks such as GDPR, HIPAA, or SOX, and their relevance to directory services and O365.- ​ Experience in disaster recovery and business continuity planning for AD and O365 services.- ​ ​Experience with other Microsoft enterprise services, such as System Center Configuration Manager (SCCM) or Intune.- ​ ​Experience with zero-trust architecture and modern authentication frameworks such as OAuth 2.0 and OpenID Connect.​Education: - Bachelor's degree in Computer Science, Information Technology, Electrical & Electronics, or a related field. #LI-DP1

Bose is an equal opportunity employer that is committed to inclusion and diversity. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status, or any other legally protected characteristics. For additional information, please review: (1) the EEO is the Law Poster (http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf); and (2) its Supplements (http://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm). Please note, the company's pay transparency is available at http://www.dol.gov/ofccp/pdf/EO13665_PrescribedNondiscriminationPostingLanguage_JRFQA508c.pdf. Bose is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the application or employment process, please send an e-mail to Wellbeing@bose.com and let us know the nature of your request and your contact information.

Our goal is to create an atmosphere where every candidate feels supported and empowered in the interviewing process. Diversity and inclusion are integral to our success, and we believe that providing reasonable accommodation is not only a legal obligation but also a fundamental aspect of our commitment to being an employer of choice. We recognize that individuals may have different needs and requirements based on their abilities, and we provide reasonable accommodations to ensure ideal conditions are met during the application process.

If you believe you need a reasonable accommodation, please send a note to wellbeing@bose.com