CVS HealthRemote
Staff Security Engineer - Active Directory
United States of America
Full Time
3 hours ago
$107,000 - $284,000 USD
H1B Sponsor Likely
Key skills
Enterprise identity solutionsMicrosoft Entra ID (Azure AD) administrationAzure Active Directory administrationPowerShell scriptingautomationSecurity hardeningVulnerability remediationIdentity-related risk reductionActive Directory securityPrivileged access managementGroup Policy designhardeningSecure authenticationauthorization architecturesSecurity incident responseSecurity monitoring tools e.g.Security monitoring tools SplunkSecurity monitoring tools SCOMVulnerabilityattack-path analysis toolsRegulatory compliance SOXRegulatory compliance PCIRegulatory compliance HIPAAPowerShellAzureIAMAzure ADEntra IDActive DirectorySplunkSaaSLeadershipCommunicationCollaboration
About this role
CVS Health is focused on building a world of health around every individual, promoting a connected and compassionate health experience. The Staff Security Engineer will serve as a technical authority for the design and security of a large enterprise Active Directory environment, leading cloud identity security initiatives and collaborating with various teams to ensure compliance and resilience of identity services.
Responsibilities:
- Architect, secure, and oversee enterprise multi‑domain Active Directory environments in hybrid configurations with Azure, including Azure AD Connect and identity synchronization strategies
- Provide senior‑level administration and security engineering for Azure Active Directory (Microsoft Entra ID), including identity protection, authentication methods, and access governance
- Design, implement, and continuously improve Entra ID Conditional Access, privileged access models, and identity security controls
- Lead analysis and response efforts for complex identity‑related security incidents, including root cause analysis and long‑term remediation
- Oversee and harden hybrid identity integrations, including Entra ID Connect / Cloud Sync, ensuring secure synchronization and minimal on‑prem dependency exposure
- Monitor, investigate, and respond to cloud‑based identity threats and anomalous authentication activity using Entra ID logs, risk detections, and SIEM tooling
- Lead root cause analysis and long‑term remediation for identity‑related security incidents spanning Entra ID, SaaS applications, and hybrid authentication flows
- Establish and enforce Entra ID security standards, including tenant configuration, role management, identity lifecycle controls, and service principal governance
- Proactively identify architectural weaknesses and attack paths within cloud and hybrid identity and drive modernization and risk‑reduction initiatives
- Lead and support internal and external audits (SOX, PCI, HIPAA, etc.) related to identity, access management, and authentication controls
- Partner with Cybersecurity, IAM, Application, and Platform teams to ensure secure Entra ID integration with enterprise SaaS, Azure, and on-prem applications
- Develop and maintain enterprise documentation, architecture standards, and operational runbooks for Entra ID and hybrid identity services
- Evaluate new Microsoft Entra capabilities and identity security features, making informed recommendations for adoption
Requirements:
- 7+ years of experience engineering enterprise identity solutions, with increasing focus on cloud‑based identity platforms
- 7+ years of advanced experience administering and securing Microsoft Entra ID (Azure AD) in large enterprise environments
- 7+ years of experience administering and securing Azure and Azure Active Directory
- 5+ years of experience using PowerShell and automation to manage, audit, and secure identity platforms
- 5+ years of experience in security hardening, vulnerability remediation, and identity‑related risk reduction
- Expert‑level understanding of Active Directory and identity security, including: Tiered administrative models, Privileged access management and credential protection, Group Policy design and hardening, and Secure authentication and authorization architectures
- Experience leading identity‑related security investigations and incident response
- Strong experience with monitoring and security tools such as Splunk and Microsoft Systems Center Operations Manager (SCOM)
- Experience with vulnerability and attack‑path analysis tools such as Microsoft Assessment tools, CrowdStrike, BloodHound, or similar
- Proven experience designing and remediating controls for SOX, PCI, HIPAA, or similar regulatory frameworks
- Ability to translate business and security requirements into scalable, secure technical solutions
- Strong leadership, collaboration, and communication skills, including the ability to influence technical direction