IAM Service Lead Enterprise Directory

About Xerox Holdings Corporation

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power the hybrid workplace of today and tomorrow. Today, Xerox is continuing its legacy of innovation to deliver client-centric and digitally-driven technology solutions and meet the needs of today’s global, distributed workforce. From the office to industrial environments, our differentiated business and technology offerings and financial services are essential workplace technology solutions that drive success for our clients. At Xerox, we make work, work. Learn more about us at www.xerox.com.

IAM Service Lead (Enterprise Directory: AD/Entra ID)

The IAM / Enterprise Directory Service Lead supports the Identity and Access Management (IAM) program within the Xerox Cyber Security organization. This role is responsible for designing, building, deploying, and continuously improving enterprise‑scale IAM and Directory Services capabilities, including Active Directory, Microsoft Entra ID, Azure B2B and B2C capabilities.

The role partners closely with business stakeholders, IT teams, and Cyber Security professionals to deliver secure, scalable, and resilient identity services that enable the business while reducing cyber risk.

Primary Responsibilities:

• Design, implement, and manage enterprise Identity and Access Management and Directory Services solutions to ensure secure, reliable, and efficient access to systems and applications
• Define, implement, and enforce access policies (Conditional Access Policies), roles, permissions, and identity standards across the enterprise
• Integrate IAM solutions with enterprise directory and authentication platforms, including Active Directory and Microsoft Entra ID (Azure AD)
• Collaborate with business and IT stakeholders to gather requirements and ensure IAM solutions align with business needs and security objectives
• Implement and manage modern authentication capabilities, including:
• Multi‑Factor Authentication (MFA)/Risk-based Adaptive Authentication
• Single Sign‑On (SSO)
• Passwordless authentication
• Phishing‑resistant solutions (e.g., FIDO2 tokens) using Microsoft Entra ID
• Support Conditional Access policies, enterprise application integrations, app registrations, and identity lifecycle scenarios (B2B, B2C)
• Participate in security audits, risk assessments, and compliance activities to ensure alignment with regulatory and industry requirements
• Collaborate with IAM architects and engineers on strategic initiatives, large‑scale programs, and M&A integration efforts
• Serve as a strong individual contributor who continuously improves IAM and Enterprise Directory service offerings, reliability, and security posture
• Develop and maintain technical documentation, automation scripts (PowerShell), code repositories, and development environments
• Provide technical guidance to the Enterprise Directory Services (EDS) operations team and act as an escalation point for resolving operational incidents
• Act as a technical subject matter expert (SME), advising project and application teams on secure integration with IAM and Enterprise Directory platforms
  
  

• Strong experience in Enterprise Directory hybrid Identity Implementations (Active Directory, Entra ID, Azure AD B2B / B2C etc.), Azure App Proxy etc.
• Strong experience in integrating enterprise applications using modern authentication and authorization standards, including SAML 2.0/OpenID Connect/OAuth 2.0/WS‑Federation etc.
• Hands‑on experience with Conditional Access policies, enterprise application onboarding, and identity governance concepts
• Proficiency in one or more programming or scripting languages such as PowerShell, Python, Java, or Perl for automation and integration
• Strong written and verbal communication skills, with the ability to explain technical concepts to diverse audiences
• Demonstrated experience working cross‑functionally across multiple teams and large‑scale initiatives
• Strong organizational skills and attention to detail in managing identity services and operational processes
• Uncompromising personal and professional integrity, ethics, and accountability
  
  

• Bachelor’s degree in computer science, Information Systems, Information Security, Engineering, or a related field
• 8+ years of experience in IT services, including at least 5+ years specializing in Identity and Access Management with a focus on Enterprise Directory (hybrid and cloud) architectures
• Industry‑recognized security or IAM certifications (e.g., CISSP, Microsoft Identity certifications, IAM‑specific credentials) are a plus