At Sun Pharma, we commit to helping you “Create your own sunshine”— by fostering an environment where you grow at every step, take charge of your journey and thrive in a supportive community.
Are You Ready to Create Your Own Sunshine?
As you enter the Sun Pharma world, you’ll find yourself becoming ‘Better every day’ through continuous progress. Exhibit self-drive as you ‘Take charge’ and lead with confidence. Additionally, demonstrate a collaborative spirit, knowing that we ‘Thrive together’ and support each other’s journeys.”
Position Summary:
We are seeking an accomplished and strategic Senior Domain Lead to oversee enterprise email and collaboration systems, Active Directory (AD), Identity & Access Management (IDAM), and their security and cloud integrations. The role focuses on end-to-end management and security governance across hybrid environments, ensuring scalable, secure, and compliant digital identity and collaboration infrastructure.
Key Responsibilities:
1. Infrastructure & Operations Management
- Manage daily operations for Microsoft 365 (Exchange Online, Teams, SharePoint), Active Directory (on-prem and Azure AD), and domain services.
- Ensure stability and performance of hybrid AD and collaboration systems through proactive monitoring and incident management.
- Maintain internal and public DNS, DHCP, certificates, and domain name configurations.
2. Identity & Access Management (IDAM)
- Own the implementation and operation of IDAM platforms supporting user lifecycle management, access provisioning, and deprovisioning.
- Design and manage SSO, MFA, conditional access, and privileged access controls (PAM) using tools like Azure AD, SailPoint, or Saviynt.
- Ensure proper RBAC models, access certifications, and policy enforcement across systems.
3. Email & AD Security
- Strengthen security posture of email systems by configuring and maintaining anti-phishing, DLP, spam filtering, and encryption tools (e.g., Microsoft Defender for Office 365, Mimecast, Proofpoint).
- Implement and maintain DMARC, DKIM, SPF, and secure mail flow policies.
- Lead AD security hardening, including Tiered Administration, Kerberos policies, ACL reviews, and delegation best practices.
- Enforce least privilege, admin account separation, and monitoring of high-privilege actions (via SIEM or native auditing tools).
- Partner with SOC and Security teams to respond to identity and email-related threats or incidents.
4. Cloud Integration & Identity Governance
- Administer and secure cloud identity solutions across Azure, Microsoft 365, and third-party SaaS platforms.
- Align hybrid AD and Azure AD with cloud security frameworks and Zero Trust principles.
- Manage B2B/B2C identities, OAuth/SAML integrations, and conditional access policies for external partners.
5. Projects & Transformation
Lead initiatives such as:
- Email platform migration or consolidation (e.g., from on-prem to M365),
- Deployment of IDAM platforms,
- Secure collaboration tool rollouts,
- Cloud-first identity transformations.
- Define project scope, success metrics, resource plans, and stakeholder engagement strategy.
6. Compliance, Governance & Risk Management
- Define and maintain governance frameworks for collaboration, identity, and directory services.
- Ensure alignment with compliance standards (e.g., GDPR, ISO 27001, HIPAA, SOX).
- Conduct periodic access reviews, admin audits, and mailbox permissions checks.
- Own documentation, runbooks, and policy lifecycle management.
7. Vendor & License Management
- Manage third-party service providers and tools across email security, cloud identity, and collaboration suites.
- Oversee licensing, renewals, and performance reviews.
- Evaluate and onboard new solutions as per evolving enterprise needs.
8. Leadership & People Management
- Lead a team of email, AD, cloud, and IDAM specialists.
- Assign responsibilities, set goals, and promote cross-skilling and upskilling.
- Ensure availability through structured support models, escalation procedures, and documentation.
