Identity Access Management IT Advisor (Houston, TX)

Contribute. Grow. Lead...with OxyChem. Looking for a challenge? Desire to achieve your true potential? OxyChem is a growing, action-oriented, safety driven chemical manufacturing company continually striving to be the best in the business while staying focused on environmental protection. The secret to our success has and will continue to be our people.

Occidental Chemical Corporation (OxyChem) is a leading North American manufacturer of polyvinyl chloride (PVC) resins, chlorine and caustic soda - key building blocks for a variety of indispensable products such as plastics, pharmaceuticals and water treatment chemicals. Other OxyChem products include caustic potash, chlorinated organics, sodium silicates, chlorinated isocyanurates and calcium chloride. OxyChem's market position is among the top three producers in the United States for the principal products it manufactures and markets. Based in Dallas, Texas, the company has manufacturing facilities in the U.S., Canada and Latin America.

In a fast-paced industry that demands precision, we create a supportive workplace where the safety and well-being of our employees are paramount. We are committed to rewarding top performers, offering very competitive pay and benefits, and providing tremendous career development opportunities.

We are seeking a Senior Enterprise Active Directory & Identity Architect to lead the design, implementation, and governance of enterprise identity platforms with a primary focus on Active Directory (AD) and related identity services. This role combines enterprise AD architecture with identity and access management (IAM) responsibilities, ensuring secure, scalable, and compliant solutions across the organization. You will define architecture roadmaps, patterns, and standards for AD and IAM platforms while collaborating with IT teams and business units to safeguard systems and manage user access.

• Design and maintain enterprise Active Directory architecture, including forests, domains, OU structure, and Group Policy Objects (GPOs).
• Manage identity provisioning, de-provisioning, and role-based access controls across AD and integrated IAM platforms.
• Implement and maintain secure authentication mechanisms, including MFA, Kerberos, and privileged access management.
• Monitor AD health, replication, and security posture; troubleshoot and resolve directory-related issues.
• Ensure compliance with internal security policies and external regulations (e.g., MTSA, GDPR) for AD and IAM environments.
• Support audits and risk assessments related to AD and IAM; implement controls based on findings.
• Evaluate AD-integrated IAM tools and recommend enhancements for efficiency and security.
• Provide guidance and training on secure AD and IAM practices to stakeholders.

• Partner with enterprise and solution architects to drive adoption of AD and IAM platform patterns.
• Collaborate with cloud and security teams to assess implications of hybrid identity solutions (Azure AD/Entra ID).
• Provide business-friendly language for complex AD and identity architecture concepts.
• Mentor junior security and solution architects.

• Technical Expertise: Deep knowledge of Active Directory architecture, including DNS integration, replication, GPOs, and AD hardening best practices.
• Strong experience with IAM platforms (SailPoint, CyberArk, Azure Entra ID, Intune).
• Familiarity with cybersecurity principles and frameworks (NIST, ISO 27001).
• Risk & Compliance: Ability to ensure adherence to regulatory requirements and internal policies.
• Analytical & Problem-Solving: Skilled in identifying risks and implementing effective mitigation strategies.
• Soft Skills: Excellent communication and collaboration skills for cross-functional engagement.
• High ethical standards and attention to detail.

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field.
• 7+ years of experience in Active Directory architecture, identity and access management, or cybersecurity leadership.
• Preferred certifications: CISSP, CISA, Microsoft Certified: Identity and Access Administrator Associate.
• Vendor certifications from AWS, Microsoft Azure, or Google Cloud Platform preferred.

• Experience with hybrid identity solutions (on-prem AD + Azure AD).
• Knowledge of automation tools for AD and IAM processes (PowerShell scripting).
• Familiarity with cybersecurity incident response and architecture.
• Ability to mentor and lead technical teams.

Recruitment Fraud

It has come to our attention various individuals and/or organizations are contacting people falsely pretending to recruit on behalf of Oxy. Please be aware that these recruiting scams and communications do not originate nor are they associated with our recruitment process. All Oxy job postings and offers will require a completed application through our company website.

Oxy does not charge a fee at any stage of the recruiting process. We will never:

*Ask you to pay for applications, interviews, meetings, processing, training or for any other fees

*Use recruiting or placement agencies that charge candidates an advance fee of any kind or

*Request personal information such as passport and bank account details at an early stage of our recruitment process.

We recommend against responding to unsolicited business propositions or offers from people you don't know. Do not disclose your personal or financial details. If you believe you have been the victim of a recruiting scam, please contact your local police department.

All qualified applicants will receive consideration for employment without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.