OxyChem Identity Access Management IT Advisor; Houston, TX

Oxy Chem Identity Access Management IT Advisor (Houston, TX)

Join to apply for the Oxy Chem Identity Access Management IT Advisor (Houston, TX) role at Oxy Chemical Corp
.

We are a growing, action‑oriented, safety‑driven chemical manufacturing company continually striving to be the best in the business while staying focused on environmental protection. Oxy Chem, a Berkshire Hathaway company, is a leading producer of essential chemistry with operations in the U.S., Canada and Latin America. Our products play an essential role in everyday life, supporting critical applications in water treatment, pharmaceuticals, healthcare, manufacturing, automotive, personal hygiene, and residential and commercial construction.

Oxy Chem actively participates in the Occupational Safety and Health Administration Voluntary Protection Program, underscoring our commitment to safety. Headquartered in Dallas, Texas, we are a top three U.S. manufacturer of polyvinyl chloride, chlor‑alkali and chlorinated organic chemicals, and calcium chloride.

We create a supportive workplace where safety and well‑being are paramount. We are committed to rewarding top performers, offering competitive pay and benefits, and providing tremendous career development opportunities.

We are seeking a Senior Enterprise Active Directory & Identity Architect to lead the design, implementation, and governance of enterprise identity platforms, primarily Active Directory (AD) and related identity services. This role combines AD architecture with identity and access management (IAM) responsibilities, ensuring secure, scalable, and compliant solutions across the organization. The architect will define architecture roadmaps, patterns, and standards for AD and IAM while collaborating with IT teams and business units to safeguard systems and manage user access.

• Design and maintain enterprise Active Directory architecture, including forests, domains, OU structure, and Group Policy Objects (GPOs).
• Manage identity provisioning, de‑provisioning, and role‑based access controls across AD and integrated IAM platforms.
• Implement and maintain secure authentication mechanisms, including MFA, Kerberos, and privileged access management.
• Monitor AD health, replication, and security posture; troubleshoot and resolve directory‑related issues.
• Ensure compliance with internal security policies and external regulations (e.g., MTSA, GDPR) for AD and IAM environments.
• Support audits and risk assessments related to AD and IAM; implement controls based on findings.
• Evaluate AD‑integrated IAM tools and recommend enhancements for efficiency and security.
• Provide guidance and training on secure AD and IAM practices to stakeholders.

• Partner with enterprise and solution architects to drive adoption of AD and IAM platform patterns.
• Collaborate with cloud and security teams to assess implications of hybrid identity solutions (Azure AD/Entra ).
• Provide business‑friendly language for complex AD and identity architecture concepts.
• Mentor junior security and solution architects.

• Deep knowledge of Active Directory architecture, including DNS integration, replication, GPOs, and AD hardening best practices.
• Strong experience with IAM platforms (SailPoint, Cyber Ark, Azure Entra , Intune).
• Familiarity with cybersecurity principles and frameworks (NIST, ISO 27001).
• Ability to ensure adherence to regulatory requirements and internal policies.
• Strong analytical and problem‑solving skills.
• Excellent communication and collaboration skills for cross‑functional engagement.
• High ethical standards and attention to detail.

• Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field.
• 7+ years of experience in Active Directory architecture, identity and access management, or cybersecurity leadership.
• Preferred certifications: CISSP, CISA, Microsoft Certified:
  Identity and Access Administrator Associate.
• Vendor certifications from AWS, Microsoft Azure, or Google Cloud Platform preferred.

• Experience with hybrid identity solutions (on‑prem AD + Azure AD).
• Knowledge of automation…