Sr. Active Directory Engineer

It All Starts with Our People

As the leader in automotive preventive maintenance, Valvoline has a proven track record of growth. We continue to invest in our people, processes, and technology to strengthen our ability to efficiently deliver Quick, Easy, Trusted service across all our stores – every day. We're not just in the car business; we're in the people business. And we're looking for humble, hungry, and smart people to help us shape the future of mobility. If you're hungry to drive change and seek a dynamic, collaborative environment that fuels both personal and professional growth, you've found your place with us.

Our highest priority is creating a welcoming workplace with team members from a wide variety of diverse backgrounds and experiences.

How You’ll Make a Difference

Valvoline has a rewarding opportunity as a Sr. Active Directory Engineer. The Senior Engineer, Active Directory is responsible for the engineering, design, and operational ownership of Valvoline’s enterprise Active Directory and hybrid identity environment.

This role provides deep technical leadership across on‑premises Active Directory, Entra ID (Azure AD), and identity integrations supporting Microsoft 365 and critical business systems. The position ensures identity services are secure, resilient, scalable, and aligned with Valvoline security, compliance, and operational standards

Active Directory Engineering & Operations

• Engineer, administer, and support enterprise Active Directory Domain Services

• Design and maintain OU structures, group strategies, GPOs, DNS, trusts, and domain health

• Act as the highest escalation point for complex directory issues, including replication, authentication, and domain controller health

Hybrid Identity & Cloud Integration

• Own and support hybrid identity architecture, including Entra ID (Azure AD) and synchronization services

• Support authentication methods and integrations required by Microsoft 365 and third‑party applications

• Partner with application teams on directory‑dependent integrations (LDAP, SAML, Kerberos, etc.)

Identity Security & Compliance

• Implement and enforce identity security standards, including privileged access, tiering models, and service account governance

• Collaborate with Security teams on audits, incident response, and identity‑related risk remediation

• Ensure directory services comply with Valvoline security policies and regulatory requirements

Automation & Lifecycle Management

• Develop and maintain PowerShell automation for identity lifecycle, reporting, and bulk administration. Integrate Active Directory with IAM/IGA, HR systems, and service request workflows

• Drive reduction of manual processes through automation and standardization

Leadership, Documentation & Cross‑Team Collaboration

• Create and maintain architecture diagrams, standards, and operational documentation

• Participate in change management (CAB), project planning, and technology roadmaps

Mentor junior engineers and act as an identity subject matter expert across IT

What You’ll Need to Succeed

·      5+ years of enterprise experience supporting Microsoft Active Directory

·      Demonstrated expertise in hybrid identity environments

·      Strong hands-on experience with PKI/AD CS, certificate lifecycle management, and certificate‑based authentication (e.g., CA hierarchy design, certificate templates, auto-enrollment, CRL/OCSP, renewal/rotation, and integration with Windows and enterprise applications)

·      Advanced PowerShell scripting and automation skills

·      Strong understanding of authentication, authorization, and identity security principles

·      Experience operating in large, distributed enterprise environments

·      Enterprise identity architecture & troubleshooting

·      Security‑first engineering mindset

·      Strong analytical and problem‑solving skills

·      Ability to communicate effectively with engineers, security teams, and leadership

·      High degree of ownership and accountability for critical services

Nice to Have

·      Experience with Entra ID (Azure AD), Conditional Access, MFA, and identity protection controls

·      Familiarity with IAM/IGA platforms, identity lifecycle governance, and access certifications

·   Microsoft certification(s) in Identity, Security, Azure, or Microsoft 365

• Must be authorized to work in the U.S. 

We Take Care of the WHOLE You

• Health insurance plans (medical, dental, vision)
• HSA and flexible spending accounts
• 401(k)  
• Incentive opportunity*
• Life insurance
• Short and long-term disability insurance
• Paid vacation and holidays*
• Employee Assistance Program
• Valvoline Instant Oil Change discounts
• Tuition reimbursement*
• Adoption assistance* 

*Terms and conditions apply, and benefits may differ depending on position.

Your Path to Valvoline

Valvoline provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

Join us in revolutionizing the automotive aftermarket industry while enjoying competitive benefits, a supportive work culture, and opportunities for advancement. Apply now and become an integral part of our journey at Valvoline.

The Company endeavors to make its recruitment process accessible to any and all users. Reasonable accommodations will be provided upon request to applicants with disabilities to facilitate equal opportunity throughout the recruitment and selection process. Please contact Human Resources at 1.833.VVV.Report or email ECC@valvoline.com to make a request for reasonable accommodation during any aspect of the recruitment and selection process. The contact information is for accommodation requests only; do not use this contact information to inquire about the status of applications.

#GGL 

#LI-Remote