IT engineer Principal Architect Active Directory O365

IT engineer Principal Architect Active Directory O365 Description - Job Description — Principal Architect, Messaging & Identity Infrastructure Department: IT Department:

Connected Digital Experiences

Location:

HP Inc. (Mexico, Guadalajara)

Level:

Principal / Technical Architect (individual contributor)

About the Role HP runs one of the largest enterprise messaging and identity environments in the technology industry, spanning Microsoft Exchange (on-premises and Exchange Online), Active Directory, Entra ID, and the directory and PKI footprint inherited through HP's acquisitions (including Poly / Plantronics). The

Principal Architect, Messaging & Identity Infrastructure

is the senior technical owner for this estate — driving its operation, security posture, M&A integration, and the multi-year sunset of legacy environments such as the ATM / HPNOW Yokohama infrastructure. This is a like-for-like backfill for a long-tenured Principal Architect on the Connected Digital Experiences team. The role is hands-on and deeply technical, with broad cross-organizational influence across IT Operations, Information Security, GRC, and external managed-service partners (NTT Data, Entrust, Microsoft Mission Critical Services for M365). What You'll Do Messaging & Email Platform Own architecture and engineering direction for

Microsoft Exchange Server (on-premises) and Exchange Online , including the corp-domain Exchange estate, hybrid configuration, and mail flow. Drive

email security configuration

— BEC sensitivity tuning, anti-phishing, and Defender for Office 365 policies — and partner with managed-service vendors on day-to-day operational changes. Use

Exchange Online PowerShell

to script, audit, and operate the environment at scale (e.g. mailbox configuration, auto-reply policies, recipient management). Serve as senior escalation point for production incidents involving messaging — drive root-cause analysis and incident closure reporting. Active Directory & Entra ID Lead

directory consolidation and decommissioning

— including the in-flight Poly AD decommission, scope coordination with GRC/audit, and engineering-team retention exceptions. Partner with the

Identity Governance & Administration (IGA)

team on access reviews, account lifecycle, and Entra connections. M&A Integration & Legacy Sunset Lead the technical workstream for

HPNOW / ATM Sunset

— the multi-year migration off the Yokohama-hosted AD and Exchange environment — including architectural review, scope definition, and transition-support planning with NTT Data. Define the post-Yokohama target state for AD/Exchange functions and lead the re-architecture where existing capabilities are insufficient. Drive

enterprise application cleanup

(working with the apps team to retire orphaned tenants and unused services). PKI, Servers & Adjacent Infrastructure Own the

certificate authority

strategy with Entrust (including the new Austin DC CA replacing the unsupported legacy CA) and certificate lifecycle for production services such as Poly Manufacturing. Provide architectural input on adjacent infrastructure: server inventory and backup posture, monitoring (PRTG migration), and network/NNI changes routed through the Network CAB. Maintain accurate

CI/EPRID records in ServiceNow / HP NOW

for the messaging, directory, and server estate, and partner with operations to keep RFC approvals unblocked. Governance, Risk & Compliance Execute and close out

GRC controls

affecting the messaging and directory estate on schedule. Represent the team in

Change Advisory Boards

(Network CAB, etc.) and architecture reviews. Partner with Microsoft Mission Critical Services for M365 on platform health, escalations, and roadmap alignment. What You'll Bring Required 12+ years of enterprise infrastructure experience, with deep expertise in

Microsoft Exchange (on-prem and Exchange Online / M365)

and

Active Directory . Strong working knowledge of

Entra ID , hybrid identity, and Microsoft 365 administration at enterprise scale. Demonstrated track record leading

directory consolidations, mail migrations, or post-acquisition integrations

in a large, multi-domain environment. Fluent in

Exchange Online PowerShell

and AD scripting / automation. Hands-on experience with

enterprise PKI

(certificate authorities, certificate lifecycle, vendor management — Entrust or equivalent). Familiarity with

ServiceNow / CMDB

practices (CIs, EPRIDs, RFCs, CAB processes). Strong written and verbal communication — comfortable representing the team to executives, auditors, and external partners. Preferred Experience operating with

managed-service partners

(NTT Data, Microsoft Premier/MCS, or equivalents) and steering contractual obligations. Background sunsetting legacy data center infrastructure and migrating to modernized US-region equivalents. Familiarity with

GRC / SOX-style IT controls

and audit response. Exposure to enterprise monitoring (PRTG or similar) and network change processes. Job - Software Schedule - Full time Shift - No shift premium (Mexico) Travel - Relocation - Equal Opportunity Employer (EEO) - HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s). Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence. For more information, review HP’s

EEO Policy or read about your rights as an applicant under the law here: “ Know Your Rights: Workplace Discrimination is Illegal "

Required 12+ years of enterprise infrastructure experience, with deep expertise in

Microsoft Exchange (on-prem and Exchange Online / M365)

and

Active Directory . Strong working knowledge of

Entra ID , hybrid identity, and Microsoft 365 administration at enterprise scale. Demonstrated track record leading

directory consolidations, mail migrations, or post-acquisition integrations

in a large, multi-domain environment. Fluent in

Exchange Online PowerShell

and AD scripting / automation. Hands-on experience with

enterprise PKI

(certificate authorities, certificate lifecycle, vendor management — Entrust or equivalent). Familiarity with