Information Technology Operations Lead

About The Position

Requirements

• Bachelor’s degree in a related field with 8–12+ years of relevant work experience, or Master’s degree in a related field with 6+ years of relevant work experience.
• Proven experience as a Windows System Administrator in large enterprise environments, with strong hands-on expertise in Active Directory, Group Policy, and Windows authentication protocols.
• Solid understanding of Identity and Access Management (IAM) concepts and best practices, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and modern authentication mechanisms.
• Experience with IAM-related tools such as Azure AD, PingOne, Duo, SailPoint, and hybrid/cloud IAM environments (e.g., Azure, AWS IAM).
• Scripting and automation experience, preferably using PowerShell, along with exposure to audit and compliance processes related to access controls.
• Familiarity with macOS management software (e.g., Jamf), strong analytical and troubleshooting abilities, excellent communication skills, and relevant certifications such as Microsoft Certified: Security, Compliance, and Identity Fundamentals, MCSA, or similar.
• Applicants must be legally authorized to work in the United States for any employer at the time of hire.
• This position is not eligible for visa sponsorship or for assuming sponsorship of an employment visa now or in the future.

Responsibilities

• Manage a team of 3–4 system administrators, providing day-to-day supervision, technical direction, training, documentation, and support to ensure operational excellence and adherence to IAM best practices.
• Lead the implementation, management, and optimization of Identity and Access Management (IAM) solutions, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM), and investigate and resolve IAM-related incidents such as unauthorized access or authentication failures.
• Administer, configure, and troubleshoot Windows Server environments (2012/2016/2019/2022), and participate in system upgrades, patching, backups, and disaster recovery initiatives.
• Manage and maintain Microsoft Active Directory, Group Policy Objects (GPOs), and related domain services to ensure secure and efficient authentication processes.
• Monitor and maintain secure user access by provisioning, modifying, and deactivating user and group accounts; enforce least privilege access principles; and ensure compliance with security policies through regular audits of permissions, group memberships, and access logs.
• Collaborate with Security, Compliance, and IT teams to design and enforce access controls and security policies, and automate IAM processes and user lifecycle management using scripting tools such as PowerShell.

Benefits

• Thales provides an extensive benefits program for all full-time employees working 30 or more hours per week and their eligible dependents, including the following:
• Elective Health, Dental, Vision, FSA/HSA, Voluntary Life and AD&D, Whole Group Life w/LTC, Critical Illness, Hospital Indemnity, Accident Insurance, Legal Plan, Identity Theft, and Pet Insurance
• Retirement Savings Plan after 30 days of employment with a company contribution and a match, and with no vesting period
• Company paid holidays and Paid Time Off
• Company provided Life Insurance, AD&D, Disability, Employee Assistance Plan, and Well-being Program