Lead Active Directory Engineer
M&T Bank —Wilmington, DE
- $128,100 - $213,500 a year
- Full-time
- Hybrid work
- 5 years
- Office
- Bachelor's degree
- Work from home

Discover related jobs

Based on your search for cybersecurity manager jobs.

Information Assurance Officer
Future Technologies, Inc. —Dover, DE
GOTS/COTS compliance support and technical reviews for Change Control. Support oversight of Lab Linux applications, research and scripting.
Senior Systems Engineer - IAM
Berkley —Wilmington, DE
Collaboration with project managers and technical teams to deliver customer-centric solutions, including the presentation of design and deployment strategies,…
$121,000 - $137,000 a year

Show more related jobs

Explore jobs in cities nearby

Check out jobs in cities near your current location, Columbus

IT Operations Manager
KANAWHA SCALES & SYSTEMS LLC —Columbus, OH
Experience in multi-location or field-service organizations. This position provides operational oversight across infrastructure, end-user computing, business…
$105,000 - $120,000 a year
Quick Apply
Cybersecurity Risk Manager
Huntington Bank —Columbus, OH
Execute risk assessments against defined scopes and planned initiatives in alignment with our enterprise risk management frameworks.
$70,000 - $140,000 a year
4d

Show more jobs in cities nearby

I want to receive the latest job alert for cybersecurity manager in delaware

By signing in to your account, you agree to SimplyHired's Terms of Service and consent to our Cookie and Privacy Policy.

Explore jobs in more locations

cybersecurity manager jobs near delaware

Active Directory Engineer jobs in Columbus, Oh

Active Directory Engineer jobs in Fountain Valley, Ca

Active Directory Engineer jobs in Nashville, Tn

Engineer jobs in Little Rock, Ar

Devops Engineer jobs in Sacramento, Ca

Active Directory Engineer jobs in Washington, Dc

Lead Active Directory Engineer

M&T Bank -
Wilmington, DE

Apply Now

Job Details

Full-time
$128,100 - $213,500 a year

Benefits

Work from home

Qualifications

Zero Trust security
Data replication
Authorization controls implementation
IT user and group management
Distributed file systems
Improving system uptime or availability
IT system monitoring
Regulatory compliance
Data recovery
Configuration management
Server backup and recovery
Data access controls implementation
Data backup
Monitoring system implementation
Identity and access management (IAM) architecture design
Segregation of duties analysis
PowerShell
Audit support
High availability
Identity & access management
IT security monitoring
IT disaster recovery planning

Full Job Description

This role is four days onsite at our Wilmington, DE Tech Hub location, with the flexibility to work from home one day per week

Overview:

Responsible for designing, securing, and operating Microsoft Active Directory Domain Services (AD DS) in regulated, high-availability environments. Acts as knowledge resource for and trains less experienced engineers. Completes day-to-day support activities and special projects.

Primary Responsibilities:

Enterprise Active Directory Architecture

Proven expertise supporting large-scale, Tier‑1 identity infrastructures with strict uptime, latency, and change‑control requirements
Strong experience with:
- Multi-domain and multi-forest designs aligned to business units, regions, or regulatory boundaries
- Forest and external trusts supporting M&A, joint ventures, and third-party integrations
- FSMO role placement optimized for resilience and auditability
Advanced understanding of Active Directory–integrated DNS, split‑brain DNS, and secure name resolution models

Hybrid Identity & Microsoft Entra ID (Azure AD)

Extensive experience integrating on-prem AD with Microsoft Entra ID in regulated financial environments
Hands-on implementation of:
- Entra Connect (Cloud Sync and Traditional)
- Password Hash Sync, Pass-through Authentication, and Federation
Strong experience with:
- Conditional Access aligned to regulatory and risk-based controls
- Hybrid Join, Entra ID Join, and legacy device coexistence
Understanding of identity lifecycle controls to support joiners, movers, leavers, and separation-of-duties requirements

Security, Compliance & Risk Controls

Expert-level knowledge of Active Directory security hardening in financial services, including:
- Tiered administrative model (Tier 0/1/2)
- Dedicated admin forests or hardened admin boundaries (where applicable)
- Privileged Access Workstations (PAWs) / Secure Admin Workstations
Experience enforcing least privilege, role separation, and dual‑control models
Deep familiarity with threats targeting financial institutions:
- Credential theft, Kerberoasting, Pass-the-Hash/Ticket
- Delegation and ACL abuse
Hands-on experience with:
- Privileged Identity Management (PIM)
- Regular access reviews and entitlement recertification
Strong alignment with Zero Trust and defense-in-depth identity strategies

Regulatory & Audit Readiness

Demonstrated experience supporting audits and controls for financial regulations and frameworks, such as:
- SOX, GLBA, PCI DSS, SOC 2
- Internal risk management and model governance requirements
Ability to design AD environments that support:
- Strong logging and traceability
- Tamper-resistant audit logs
- Evidence generation for internal and external auditors

Automation & PowerShell

Advanced PowerShell expertise for:
- Controlled, auditable administrative changes
- Automated provisioning/deprovisioning aligned to compliance workflows
- Identity reporting for risk, security, and audit teams
Experience building automation that integrates with:
- Change management processes
- IAM, ticketing, and security tooling

Operations, Resilience & Recovery

Deep experience managing:
- AD replication topology across data centers and regions
- SYSVOL (DFSR) health and recovery
- Latency-sensitive authentication dependencies
Strong understanding of:
- AD backup, recovery, and authoritative restore procedures
- Identity disaster recovery scenarios with defined RTO/RPO
Experience implementing monitoring and alerting with a focus on early risk detection

Leadership & Governance

Acts as technical authority and escalation point for all directory and identity services
Defines and enforces:
- Enterprise identity standards
- Secure configuration baselines
- Operational runbooks and procedures
Partners closely with:
- Information Security and IAM teams
- Risk, audit, and compliance stakeholders
- Infrastructure, cloud, and application teams
Mentors engineers and reviews designs from a security and risk-first perspective

Education and Experience Required:

Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience

Education and Experience Preferred:

Advanced understanding of the security system development and infrastructure lifecycle and architecture, and systems design
Proven experience with the development and customization of tools utilized in assigned Cybersecurity function
Demonstrated ability to translate architecture into technical requirements
Proficient level of critical thinking and problem solving ability
Excellent communication and interpersonal skills
Experience partnering with leaders to design solutions to business needs.
Proficient persuasive communication skills to gain buy-in of others
Strong ability to analyze and draw reliable conclusions based on large volumes of quantitative data from diverse sources
Ability effectively serves in indirect leadership role

#LI-JB3 #Hybrid

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $128,100.00 - $213,500.00 (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Wilmington, Delaware, United States of America

Apply Now

Refine Your Search

cybersecurity manager jobs in delaware