Job Description — Principal Architect, Messaging & Identity Infrastructure

Department: IT

Department:Connected Digital Experiences

Location:HP Inc. (Mexico, Guadalajara)

Level:Principal / Technical Architect (individual contributor)

About the Role

HP runs one of the largest enterprise messaging and identity environments in the technology industry, spanning Microsoft Exchange (on-premises and Exchange Online), Active Directory, Entra ID, and the directory and PKI footprint inherited through HP's acquisitions (including Poly / Plantronics). ThePrincipal Architect, Messaging & Identity Infrastructureis the senior technical owner for this estate — driving its operation, security posture, M&A integration, and the multi-year sunset of legacy environments such as the ATM / HPNOW Yokohama infrastructure.

This is a like-for-like backfill for a long-tenured Principal Architect on the Connected Digital Experiences team. The role is hands-on and deeply technical, with broad cross-organizational influence across IT Operations, Information Security, GRC, and external managed-service partners (NTT Data, Entrust, Microsoft Mission Critical Services for M365).

What You'll Do

Messaging & Email Platform

• Own architecture and engineering direction forMicrosoft Exchange Server (on-premises) and Exchange Online, including the corp-domain Exchange estate, hybrid configuration, and mail flow.

• Driveemail security configuration— BEC sensitivity tuning, anti-phishing, and Defender for Office 365 policies — and partner with managed-service vendors on day-to-day operational changes.

• UseExchange Online PowerShellto script, audit, and operate the environment at scale (e.g. mailbox configuration, auto-reply policies, recipient management).

• Serve as senior escalation point for production incidents involving messaging — drive root-cause analysis and incident closure reporting.

Active Directory & Entra ID

• Leaddirectory consolidation and decommissioning— including the in-flight Poly AD decommission, scope coordination with GRC/audit, and engineering-team retention exceptions.

• Partner with theIdentity Governance & Administration (IGA)team on access reviews, account lifecycle, and Entra connections.

M&A Integration & Legacy Sunset

• Lead the technical workstream forHPNOW / ATM Sunset— the multi-year migration off the Yokohama-hosted AD and Exchange environment — including architectural review, scope definition, and transition-support planning with NTT Data.

• Define the post-Yokohama target state for AD/Exchange functions and lead the re-architecture where existing capabilities are insufficient.

• Driveenterprise application cleanup(working with the apps team to retire orphaned tenants and unused services).

PKI, Servers & Adjacent Infrastructure

• Own thecertificate authoritystrategy with Entrust (including the new Austin DC CA replacing the unsupported legacy CA) and certificate lifecycle for production services such as Poly Manufacturing.

• Provide architectural input on adjacent infrastructure: server inventory and backup posture, monitoring (PRTG migration), and network/NNI changes routed through the Network CAB.

• Maintain accurateCI/EPRID records in ServiceNow / HP NOWfor the messaging, directory, and server estate, and partner with operations to keep RFC approvals unblocked.

Governance, Risk & Compliance

• Execute and close outGRC controlsaffecting the messaging and directory estate on schedule.

• Represent the team inChange Advisory Boards(Network CAB, etc.) and architecture reviews.

• Partner with Microsoft Mission Critical Services for M365 on platform health, escalations, and roadmap alignment.

What You'll Bring

Required

• 12+ years of enterprise infrastructure experience, with deep expertise inMicrosoft Exchange (on-prem and Exchange Online / M365)andActive Directory.

• Strong working knowledge ofEntra ID, hybrid identity, and Microsoft 365 administration at enterprise scale.

• Demonstrated track record leadingdirectory consolidations, mail migrations, or post-acquisition integrationsin a large, multi-domain environment.

• Fluent inExchange Online PowerShelland AD scripting / automation.

• Hands-on experience withenterprise PKI(certificate authorities, certificate lifecycle, vendor management — Entrust or equivalent).

• Familiarity withServiceNow / CMDBpractices (CIs, EPRIDs, RFCs, CAB processes).

• Strong written and verbal communication — comfortable representing the team to executives, auditors, and external partners.

Preferred

• Experience operating withmanaged-service partners(NTT Data, Microsoft Premier/MCS, or equivalents) and steering contractual obligations.

• Background sunsetting legacy data center infrastructure and migrating to modernized US-region equivalents.

• Familiarity withGRC / SOX-style IT controlsand audit response.

• Exposure to enterprise monitoring (PRTG or similar) and network change processes.