AD/ Entra ID Senior IAM Engineer

Overview

PepsiCo is seeking a seasoned Active Directory and Entra ID (Azure AD) expert to drive the future of enterprise directory services within our global Identity and Access Management (IAM) organization. This role will lead architecture, design, deployment, and operational excellence for both on-premises and cloud-based directory environments. You will also focus on improving automation, enhancing security, and driving compliance through advanced engineering and collaboration with security and application teams.

Responsibilities

• Serve as a subject matter expert for Active Directory and Entra ID (Azure AD) architecture and implementation along with AWS & GCP Integrations.
• Lead design and engineering efforts to automate directory and identity services, ensuring scalability, performance, and compliance.
• Develop and execute the strategic roadmap for Directory Services, aligned with organizational goals and cybersecurity standards.
• Collaborate with architects, developers, cybersecurity teams, and infrastructure engineers to align IAM strategy across platforms.
• Support identity governance, security model design, and application integration across hybrid cloud environments.
• Ensure regulatory compliance (e.g., SOX) and adherence to Zero Trust principles.
• Troubleshoot complex technical issues and lead resolution efforts for critical incidents.
• Create and maintain comprehensive documentation for systems architecture, processes, and configurations.
• Deliver training, workshops, and knowledge transfers to internal and external stakeholders.
• Support Agile/DevOps practices and CI/CD pipeline integration for directory services automation.
• Lead efforts in disaster recovery, performance tuning, capacity planning, and operational excellence.
• Build and manage PKI solutions including CA, HSM, and certificate lifecycle management (EKCLM).

Compensation & Benefits:

• The expected compensation range for this position is between $106,400 - $178,100.Location, confirmed job-related skills, experience, and education will be considered in setting actual starting salary. Your recruiter can share more about the specific salary range during the hiring process.
• Bonus based on performance and eligibility target payout is 12% of annual salary paid out annually.
• Paid time off subject to eligibility, including paid parental leave, vacation, sick, and bereavement.
• In addition to salary, PepsiCo offers a comprehensive benefits package to support our employees and their families, subject to elections and eligibility: Medical, Dental, Vision, Disability, Health, and Dependent Care Reimbursement Accounts, Employee Assistance Program (EAP), Insurance (Accident, Group Legal, Life), Defined Contribution Retirement Plan.

Qualifications

Education:

• Bachelor’s degree in computer science, engineering, or a related field, OR equivalent related work experience.

Required Experience:

• 10+ years of overall IT experience, with strong emphasis in Identity and Security domains.
• 7+ years of hands-on engineering/design experience with Active Directory.
• 6+ years managing and supporting Azure Active Directory / Entra ID environments.
• 5+ years of experience designing and managing PKI environments including CA, HSM, and certificate services.
• 3+ experience working with AWS and/or GCP identity management.
• Proven experience with building hybrid identity models and application integration with Azure AD.

Technical skills:

• Deep expertise in AD/Entra ID infrastructure, including:
• Domain controller deployment
• GPO design and management
• AD security hardening, replication, and auditing
• LDAP and Azure AD/Entra ID architecture
• Strong scripting knowledge (PowerShell, VBScript)
• Familiarity with Zero Trust frameworks and passwordless authentication
• Knowledge of compliance frameworks and security best practices (e.g., SOX, NIST)
• Experience implementing and managing Public Key Infrastructure (PKI) and related components

Mandatory non-technical skills:

• Strong written and verbal communication skills
• Self-starter with ability to work independently and deliver under pressure
• Analytical thinker with strategic mindset and problem-solving capabilities
• Able to simplify complex technical concepts for diverse stakeholders
• Agile, adaptable, and comfortable working in fast-paced environments
• Passion for innovation and continuous improvement

>

Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901-4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy.

 Please view our Pay Transparency Statement