At Elanco (NYSE: ELAN) – it all starts with animals!
As a global leader in animal health, we are dedicated to innovation and delivering products and services to prevent and treat disease in farm animals and pets. At Elanco, we are driven by our vision of Food and Companionship Enriching Life and our purpose – all to Go Beyond for Animals, Customers, Society and Our People.
At Elanco, we pride ourselves on fostering a diverse and inclusive work environment. We believe that diversity is the driving force behind innovation, creativity, and overall business success. Here, you’ll be part of a company that values and champions new ways of thinking, work with dynamic individuals, and acquire new skills and experiences that will propel your career to new heights.
Making animals’ lives better makes life better – join our team today!
Your role: Principal Engineer - Identity Access Management
Elanco is seeking a highly skilled and experienced IAM Principal Engineer to provide technical leadership and architectural support for our enterprise hybrid identity architecture, authentication platforms, and workforce identity lifecycle management.
In this pivotal role, you will drive the technical execution of our Active Directory (AD), Microsoft Entra ID and JML platforms through transformation projects, ensuring solutions are robust, secure, and aligned with the overarching architectural vision set by the client-side Lead architect. You will be instrumental in translating architectural blueprints into actionable designs and guiding engineering teams through complex implementations.
The role does not include direct people management; however, the Principal Engineer will be expected to provide technical leadership, mentoring and support for other Workplace engineers in the team.
Your Responsibilities:
Technical Leadership
Lead the end‑to‑end technical delivery of the directory transformation program, converting target‑state architecture into detailed engineering designs, implementation patterns, and deployment runbooks.
Drive collaborative requirements gathering and joint design workshops with cross‑functional stakeholders to ensure identity solutions meet business, security, compliance, and operational needs.
Serve as the technical authority throughout the project lifecycle, assessing business and security requirements, guiding technology selection, mentoring engineering teams, and incorporating feedback from security operations and platform teams.
Define and validate technical requirements for Microsoft Entra ID and on‑premises directory integrations, partnering closely with information security, risk, infrastructure, architecture, and business units to ensure seamless interoperability.
Execute complex platform changes, including directory consolidation, domain modernization, tenant optimization, divestitures, and merger‑related identity platform integrations.
Contribute to enterprise technology strategies, architectural standards, and design principles, ensuring identity and directory services consistently support Elanco’s business and security objectives.
Design and support the deployment of Identity and Access Management (IAM) integrations, ensuring alignment with architectural standards, technical feasibility, and secure‑by‑design patterns.
External Engagement
Engaging in the community (internally and externally) across multiple channels, looking to share, educate and inspire.
Establishing strong partnerships across the architecture community and Information Security, helping to identify opportunities and mitigate risks.
Working with Information Security on the implementation of the Elanco security roadmap.
Serving on various forums to analyse projects and programs to ensure they are technically sound, will do no harm, and will deliver the expected outcomes.
What You Need to Succeed (minimum qualifications):
10+ years of progressive experience in Identity & Access Management, with at least 5 years focused on enterprise directory services and hybrid identity architectures across large, global organizations.
Expert‑level proficiency in Microsoft Entra ID and Active Directory, including architecture, design, federation, conditional access, Zero Trust enforcement, modern authentication protocols, and hands‑on engineering of complex identity environments.
Deep, practical understanding of IAM principles and security frameworks, including identity governance, authentication/authorization models, least privilege, Zero Trust, modern MFA strategies, and alignment with frameworks such as NIST, CIS, ISO 27001, and Microsoft’s identity security baseline.
Extensive experience with Joiner‑Mover‑Leaver (JML) lifecycle automation, preferably Workday‑driven, including identity provisioning, role mapping, automated access workflows, and governance controls across HR‑integrated identity platforms.
Demonstrated understanding of Privileged Access Management (PAM) solutions—preferably Delinea.
Proven leadership delivering large‑scale identity transformation initiatives, including directory consolidation, domain modernization, tenant‑to‑tenant migrations, and M&A or divestiture‑driven identity restructuring.
Strong technical mentoring capability, with a track record of guiding engineering teams, influencing architectural decisions, and driving high‑impact identity programs from concept to execution.
Exceptional communication and stakeholder engagement skills, capable of presenting complex identity concepts to executives, architects, security leaders, and engineering teams, while building consensus and steering technical direction.
Don’t meet every single requirement? Studies have shown underrepresented groups are less likely to apply to jobs unless they meet every single qualification. At Elanco we are dedicated to building a diverse and inclusive work environment.If you think you might be a good fit for a role but don't necessarily meet every requirement, we encourage you to apply.You may be the right candidate for this role or other roles!
Elanco is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status
