The comedy of this is that one would expect an authentication and identity platform to be in the top percent of good actors in security incident response.
Might be time to reinstall Active Directory in your basement.
AD controllers are a pain to maintain in the future though. At a BigCo I was SRE at, there were some running on ancient versions of Windows. The funny thing to me is, nobody was quite certain what exactly it gave access to. The support team would need to reset passwords for users on a weekly basis though. It was a huge mess.
AD is still shockingly robust. For one thing, if you were using "ancient versions of Windows", your experience was different than today. Though FWIW, it's a personal frustration that built-in features of Windows Server have been left to rot on the vine a bit because a lot of the resources Microsoft had working on them got shifted to Azure, because the cloud is a cash printer. There are a lot of modern UI conveniences that on-prem AD doesn't have for no reason other than Microsoft would rather you move to the cloud and pay them monthly per head.
I suspect that if your title was SRE, and they still had some on-prem AD controllers, they were probably not maintained as well as at a place that still calls its IT folks SysAdmins, if the titles are any hint at the general focus of tech stacks.