Sr. Directory Services Engineer at Lincoln Financial Group in Boise, Idaho, United States Job Description Alternate Locations: Radnor, PA (Pennsylvania); Charlotte, NC (North Carolina); Fort Wayne, IN (Indiana); Greensboro, NC (North Carolina); Work from Home Work Arrangement: Hybrid Preferred : Preferred employee will work 3 days a week in a Lincoln office Relocation assistance: is not available for this opportunity. Requisition #: 74470 The Role at a Glance This position will provide subject matter expertise and direction on complex projects/initiatives. Responsibilities of this Engineer/Administrator role include designing, managing, maintaining and securing LFGs (Lincoln Financial Groups) Active Directory, Active Directory Certificate Services, and Forest-Domain-Trust management. This role will have exposure working with application and service owners to adopt modern authentication patterns such as SAML and Oauth along with supporting legacy authentication. Finally, the role includes Domain Services monitoring and alerting responsibilities; assisting in ITDR exercises; automating where opportunities arise; and support for our Security and Enterprise departments by implementing and enforcing regulatory compliance and standards adherence. What youll be doing + Serve alongside other technical experts managing, designing and operationalizing LFGs IDP; Active Directory, Microsoft Entra (Azure Active Directory) + Drive LFGs application integrations to utilize modern auth while supporting legacy authentication protocols securely. + Tier 4 support for Application Registration (Oauth/OIDC)/Enterprise Application Registration (SAM) operations as needed. + Work closely with Security and Enterprise Architecture to design enterprise compliant solutions. + Act as a subject matter expert for projects involving hybrid Active Directory/Entra ID environments. + Support Public-Key-Infrastructure with Active Directory Certificate Services and Key Factor integrations. + Lead troubleshooting and incident resolution for complex, high-severity incidents. + Develop and implement automated solutions to enhance security and operational efficiency. + Collaborate with Managed Service Providers (MSPs) operations support and provide support to the team. + Create and maintain internal documentation and share knowledge with the team. + Present engineered solutions to Architecture and Peer Review Boards + Partner with cross-functional teams including security, infrastructure, and application owners to ensure seamless integration of authentication solutions. + Maintains knowledge on current and emerging developments/trends, assesses the impact, and collaborates with senior management to incorporate new trends and developments in current and future solutions. + Directs and enhances organizational initiatives by positively influencing and supporting change management and/or departmental/enterprise initiatives. + Identifies and directs the implementation of process improvements that significantly improve quality across the team, department and/or business unit. + Provides subject matter expertise to team members and applicable internal/external stakeholders on complex assignments/projects. + Configures, installs, maintains and performs upgrades to Domain Controllers, Certificate Authority Servers and Active Directory Domains. + Serves as a subject matter expert to administer and maintain security of Active Directory, EntraID and PKI infrastructure. What were looking for Must Haves (Required): + 10+ years experience in related role with Active Directory, Entra ID (Azure Active Directory) + Expert knowledge with Directory Services protocols legacy and modern (LDAP, Kerberos, NTLM, SAML, OAuth, Auth0, etc) + 5+ extensive experience with Azure Application registrations and Enterprise Application Registrations, and graph APIs. + Proficiency in scripting and automation using PowerShell and MS Graph + Strong troubleshooting in Windows Server, Active Directory and authentication-related issues. + In-depth experience conducting Active Directory Disaster Recovery exercises. + Deep understanding of Active Directory Sites-&-Services + Proven experience in AD hardening, Forest-Domain-Trust Management for day-to-day operations with an eye on securing Active Directory for the future. Nice to Haves (Preferred): + Service-Now experience (ITSM, CMDB, Workflow) + Knowledge of Splunk utilization and queries a plus. (SEIM) + Collaborate with Agile teams, utilizing Jira and Confluence to track engineering tasks, document processes and enhance collaboration. Application Deadline Applications for this position will be accepted through October 3, 2025, subject to earlier closure due to applicant volume. Whats it like to work here? At Lincoln Financial, we love what we do. We make meaningful contributions each and every day to empower our customers to take charge of their lives. Working alongside dedicated and talented colleagues, we build fulfilling careers and stronger communities through a company that values our unique perspectives, insights and contributions and invests in programs that empower each of us to take charge of our own future. Whats in it for you: + Clearly defined career tracks and job levels, along with associated behaviors for each of Lincolns core values and leadership attributes + Leadership development and virtual training opportunities + PTO/parental leave + Competitive 401K and employee benefits (+ Free financial counseling, health coaching and employee assistance program + Tuition assistance program + Work arrangements that work for you + Effective productivity/technology tools and training The pay range for this position is $93,300 - $169,700 with anticipated pay for new hires between the minimum and midpoint of the range and could vary above and below the listed range as permitted by applicable law. Pay is based on non-discriminatory factors including but not limited to work experience, education, location, licensure requirements, proficiency and qualifications required for the role. The base pay is just one component of Lincolns total rewards package for employees. In addition, the role may be eligible for the Annual Incentive Program, which is discretionary and based on the performance of the company, business unit and individual. Other rewards may include long-term incentives, sales incentives and Lincolns standard benefits package. About The Company Lincoln Financial (NYSE: LNC) helps people to confidently plan for their version of a successful future. We focus on identifying a clear path to financial security, with products including annuities, life insurance, group protection, and retirement plan services. With our 120-year track record of expertise and integrity, millions of customers trust our solutions and service to help put their goals in reach. Lincoln Financial Distributors, a broker-dealer, is the wholesale distribution organization of Lincoln Financial. Lincoln Financial is the marketing name for Lincoln Financial Corporation and its affiliates including The Lincoln National Life Insurance Company, Fort Wayne, IN, and Lincoln Life & Annuity Company of New York, Syracuse, NY. Lincoln Financial affiliates, their distributors, and their respective employees, representatives and/or insurance agents do not provide tax, accounting or legal advice. Lincoln is committed to creating a diverse and inclusive ( environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for To view full details and how to apply, please login or create a Job Seeker account