Director, Infrastructure & End-User Services

Job Description:

The Director, Infrastructure & End-User Services leads enterprise teams that deliver secure, reliable, and high-quality workplace and infrastructure services. Accountable for identity and account management, end-user computing (Windows and macOS), Microsoft 365 platforms, Windows Servers and Desktop Support operations, this leader ensures employees have the access, devices, and tools needed to work productively while meeting security, compliance, and reliability expectations. The Director serves as the single point of accountability for end-user services, ensuring a seamless, secure, and audit-ready technology experience from employee onboarding through exit.

Key Responsibilities

• Identity, Account & Access Management (IAM): Own enterprise Identity and Access Management operations, including employee onboarding, role changes, offboarding, user identity lifecycle, provisioning/de-provisioning, and access certifications aligned to least-privilege, segregation of duties, and timely access removal principles.
• End-User Systems & Device Management: Lead teams responsible for Windows and macOS endpoint management, including configuration, patching, OS lifecycle management, endpoint security, compliance, vulnerability remediation, device standards, imaging, and hardening. Own full device lifecycle from procurement through retirement.
• Desktop Support Operations: Lead Desktop Support teams providing day-to-day user support, hardware troubleshooting, software installation, and break-fix support. Define and enforce SLAs, service standards, escalation paths, and drive automation to reduce ticket volume and improve resolution times.
• Microsoft 365 & Collaboration Services: Lead M365 engineering and operations teams (Exchange Online, SharePoint Online, OneDrive, Microsoft Teams). Establish governance for collaboration lifecycle, external/guest access, information protection, retention, and compliance. Partner with Security and Architecture to ensure secure, scalable adoption.
• Windows Server Administration: Oversee the development, operational support and security of 150+ windows servers in AWS, including patching (Ivanti Neurons), AMI lifecycle management, and instance right-sizing. Lead system administrators to administer, maintain, and optimize a single domain Active Directory forest including Domain Controllers, DNS, DHCP, Group Policy, and Sites & Services.
• Service Delivery & Operational Excellence: Ensure end-user and infrastructure services meet SLAs, reliability, and experience goals. Implement automation and standard operating procedures; define and report service performance metrics; coordinate business continuity and disaster recovery readiness.
• Leadership & Stakeholder Management: Lead, mentor, and develop multi-disciplinary teams across IAM, end-user computing, Desktop Support, System Administrators and M365 engineering. Manage vendor relationships, partner with Security and Business leaders, communicate risks and performance to executive leadership, and own budget forecasting and cost optimization.
• Strategic Planning: Develop and maintain workplace technology strategy and multi-year roadmap aligned to business priorities and security requirements.

Minimum Qualifications

• 10+ years of experience in infrastructure, end-user services, or workplace technology
• 5+ years of people leadership managing multiple technology teams
• Strong experience in Identity & Access Management, Windows and macOS endpoint management, desktop support operations, Windows server administration and Microsoft 365 platforms
• Experience operating in large, regulated enterprise environments

Required Technical Skills & Knowledge

• Identity: Microsoft Entra ID (Azure AD), MFA/SSPR, conditional access, privileged access concepts (PIM/PAM), and access review processes
• Endpoint Management: Microsoft Intune/Endpoint Manager, Ivanti, and/or JAMF (or equivalent), patching, compliance policies, software deployment, and endpoint hardening
• Microsoft 365 Administration: Exchange Online, Teams, SharePoint/OneDrive, collaboration governance, external sharing controls, and information protection fundamentals
• ITSM Operations: Incident/problem/change management, service catalog, knowledge management, and major incident communications (ITIL-aligned)
• Security and Compliance: Endpoint security controls, vulnerability management coordination, audit support, and regulated-environment operational discipline
• Endpoint Security Tooling: Microsoft Defender for Endpoint (or equivalent), device risk scoring, and attack surface reduction concepts
• Microsoft 365 Compliance & Data Protection: Purview (sensitivity labels, DLP basics, retention), eDiscovery concepts, and collaboration governance controls
• Automation & Scripting: PowerShell (preferred) and/or Python for onboarding/offboarding automation, reporting, M365 administration, and support operations
• Service Desk Tooling: ServiceNow (preferred) or equivalent (incident/request/change, CMDB concepts, service catalog, SLAs/OLAs, knowledge base, automation workflows)
• Endpoint Engineering: Windows (GPO/MDM policy design, Autopilot concepts, patch rings) and macOS (profiles, security baselines), application packaging/deployment, and imaging practices
• Hybrid Identity Fundamentals: Active Directory concepts, group management, authentication fundamentals, and Entra ID integration patterns
• Workplace Connectivity: DNS/DHCP, VPN, Wi-Fi basics, certificate usage, and troubleshooting approaches
• IT Asset Management: Inventory controls, hardware standards, secure disposal, license reconciliation, refresh planning, and audit-ready documentation
• Project & Change Delivery: Scoping, stakeholder alignment, communications, cutover planning, training/enablement, and adoption measurement for workplace technology rollouts

Preferred Qualifications

• Financial services, insurance, healthcare, or similarly regulated industry experience
• Experience integrating IAM with HR systems and downstream applications
• Familiarity with Zero Trust and endpoint security models
• ITSM platforms and service catalogs
• M365 Copilot governance and adoption
• Vendor and contract management experience

Core Competencies

• Customer Service: Exceptional attitude and passion for providing outstanding service to internal customers
• Attention to Detail: Thoroughness in accomplishing tasks; monitors and checks work; plans and organizes time and resources efficiently
• Analytical Skills: Collects and researches data; designs workflows and procedures; identifies data relationships and dependencies
• Communications: Strong listening and comprehension skills; expresses ideas clearly in verbal and written form; keeps others adequately informed
• Managing People: Develops direct reports' skills; provides direction and guidance; motivates others and exhibits confidence in self and others
• Problem Solving: Resolves issues efficiently and quickly; evaluates options and escalates appropriately
• Relationship Management: Manages interactions to service and support the organization; establishes credibility and trust
• Teamwork: Contributes to positive team spirit; exhibits objectivity and openness to others' views

Supervisory Responsibilities: Yes

Base Salary Range - $175,000-$200,000

For over 175 years, Penn Mutual has empowered individuals, families and businesses on the journey to achieve their financial goals. Through our partnership with Financial Professionals across the U.S., we help instill the confidence and reliability that comes from a stronger financial future. Penn Mutual and its affiliates offer a comprehensive suite of competitive products and services to meet the unique needs of Financial Professionals and their clients, including life insurance, annuities, wealth management and institutional asset management. To learn more, including current financial strength ratings, visit www.pennmutual.com.

Penn Mutual is committed to Equal Employment Opportunity (EEO). We provide employment and advancement opportunities to all qualified applicants and associates, according to applicable laws. This is reflected in our practices for hiring, placement, promotion, transfer, demotion, layoff, termination, recruitment, compensation, selection or training, and all other terms and conditions of employment. All employment-related decisions and practices are free from unlawful discrimination. This includes: race, creed, color, national origin, ancestry, citizenship age, gender (including pregnancy), sexual orientation, gender identity or expression, domestic partnership or civil union status, marital status, genetic information, disability, religious observance or practice, liability, veteran status or any other classification protected under applicable law.