Responsibilities:
Technical Leadership
1. Lead the end‑to‑end technical delivery of the directory transformation program, converting target‑state architecture into detailed engineering designs, implementation patterns, and deployment runbooks.
2. Drive collaborative requirements gathering and joint design workshops with cross‑functional stakeholders to ensure identity solutions meet business, security, compliance, and operational needs.
3. Serve as the technical authority throughout the project lifecycle, assessing business and security requirements, guiding technology selection, mentoring engineering teams, and incorporating feedback from security operations and platform teams.
4. Define and validate technical requirements for Microsoft Entra ID and on‑premises directory integrations, partnering closely with information security, risk, infrastructure, architecture, and business units to ensure seamless interoperability.
5. Execute complex platform changes, including directory consolidation, domain modernization, tenant optimization, divestitures, and merger‑related identity platform integrations.
6. Contribute to enterprise technology strategies, architectural standards, and design principles, ensuring identity and directory services consistently support Elanco’s business and security objectives.
7. Design and support the deployment of Identity and Access Management (IAM) integrations, ensuring alignment with architectural standards, technical feasibility, and secure‑by‑design patterns.
External Engagement
8. Engaging in the community (internally and externally) across multiple channels, looking to share, educate and inspire.
9. Establishing strong partnerships across the architecture community and Information Security, helping to identify opportunities and mitigate risks.
10. Working with Information Security on the implementation of the Elanco security roadmap.
11. Serving on various forums to analyse projects and programs to ensure they are technically sound, will do no harm, and will deliver the expected outcomes.
What You Need to Succeed (minimum qualifications):
12. 10+ years of progressive experience in Identity & Access Management, with at least 5 years focused on enterprise directory services and hybrid identity architectures across large, global organizations.
13. Expert‑level proficiency in Microsoft Entra ID and Active Directory, including architecture, design, federation, conditional access, Zero Trust enforcement, modern authentication protocols, and hands‑on engineering of complex identity environments.
14. Deep, practical understanding of IAM principles and security frameworks, including identity governance, authentication/authorization models, least privilege, Zero Trust, modern MFA strategies, and alignment with frameworks such as NIST, CIS, ISO 27001, and Microsoft’s identity security baseline.
15. Extensive experience with Joiner‑Mover‑Leaver (JML) lifecycle automation, preferably Workday‑driven, including identity provisioning, role mapping, automated access workflows, and governance controls across HR‑integrated identity platforms.
16. Demonstrated understanding of Privileged Access Management (PAM) solutions—preferably Delinea.
17. Proven leadership delivering large‑scale identity transformation initiatives, including directory consolidation, domain modernization, tenant‑to‑tenant migrations, and M&A or divestiture‑driven identity restructuring.
18. Strong technical mentoring capability, with a track record of guiding engineering teams, influencing architectural decisions, and driving high‑impact identity programs from concept to execution.
19. Exceptional communication and stakeholder engagement skills, capable of presenting complex identity concepts to executives, architects, security leaders, and engineering teams, while building consensus and steering technical direction.
Additional Information:
20. Travel:0-10%
21. Location: Hook, UK - Hybrid Work Environment