POSITION SUMMARY:
The Identity and Access Management Engineer reports to the Director of Identity & Access Management (IAM). The IAM Engineer performs user provisioning and identity management across unautomated provisioned systems within the IDM portfolio stack; through the establishment and maintenance of identities and the assignment of access rights as part of the IDM lifecycle. Research, evaluate, develop, and implement processes that continually enhance identity management. Work with business units, Internal Audit, IT teams and vendors to deliver enterprise class IAM services while supporting the goals and objectives of the organization.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Work on automation and scripting to enable self-service environments and processes where practical
Configure and maintain IAM technology stack; Integrate and maintain SSO with business applications (on/off board)
Work with the IAM team to implement and automate processes
Serve as subject matter expert in *nix authentication and authorization capabilities
Create, support, maintain custom scripts or code on the IAM stack
Provide consultation on internal projects focusing on business needs with identity management, manage IAM change management requests, and work with internal IT teams
Evaluate and monitor project efforts, timelines, and task management
QUALIFICATIONS:
Ideal candidate will have 3+ years of experience working within the information security and/or identity management disciplines
3 + years of experience with software or systems engineering
3+ years of experience with Java, JavaScript, C#, WebServices, etc
3+ years of experience with LDAP, Kerberos, SSO, ADFS, Open DS, SAML, OAuth, AuthO, etc
3+ years of experience design, implementation, integration, and testing using Azure AD, LDAP, OKTA, SailPoint, Saviynt, CyberArk, Xceedium, Centrify, and CA PAM or Beyond Trust
3+ years of experience with implementing or maintaining large-scale identity and access management solutions
1+ years of experience design, implementation, integration, and testing using HYPR passwordless solutions
Knowledge of multi-factor authentication technologies and ABAC designs
Experience or comfort with FIDO UAF and FIDO2
Work experience of HYPR FIDO Control Center
Prior experience with identity management tools (e.g. Centrify, Archer, Okta, SailPoint, Saviynt, Radiant Logic, Forge Rock,etc)
Understanding of DevOps tools (Bit bucket, Jenkins, Jules, Automated deployment tools) with CICD capabilities.
Provisioning and workflow tools such as Sailpoint, Saviynt, Micro Focus/NetIQ, ForgeRock, One Identity etc.
Solid experience with databases, LDAP and directory services application servers, operating systems and network infrastructure.
Exposure to J2EE/.Net and vendor-based applications.
Automation experience with Ansible play books and programming languages like Java, Perl, Python or Powershell scripting.
Solid communication skills coupled with eagerness to learn.
An understanding of troubleshooting and configuring connectors, Privileged ID Management, and API integrations.
Prior experience request/approval process, on/off boarding, user access reviews and a substantial portion of experience in a role that includes the job duties noted above.
A university degree in the field of computer science, IT or Information Security
Security industry certifications are a plus
KNOWLEDGE AND SKILLS:
Demonstrates strong organization skills and time management.
Ability to manage multiple tasks / projects while ensuring deadlines are met.
Knowledge and experience with Active Directory, LDAP, DB, UNIX/Linux, AWS IAM.
Experience with Web Access Management Single Sign On tools: SecureAuth, Siteminder, PingAccess, PingFederate, ForgeRock, OKTA, Azure.
Integration experience with SAML, OpenID Connect, Oauth.
Integration experience with Multi Factor Authentication.
Integration experience with passwordless authentication
User directories: Understanding of LDAP, Virtual Directory Services, Directory Services, and Active Directory.
Experienced with PAM, IGA, DS, SIEM.
Experience with PCI and SOX audits.
Exceptionally self-motivated, effective multi-tasking, and thrives in a small team environment.
Possess excellent analytical, evaluative, and problem-solving abilities.
Good understanding of ABAC methodologies.
Understanding of Identity and Access Management principles and processes.
Possess excellent written and oral communication skills including the ability to articulate requirements to both technical and non-technical audiences.
Good interpersonal skills.
Work Environment:
Requires travel to support internal business partners (RCL offices, ships, international, and 3rd party service provider facilities).
Requires 24x7 operational support on a monthly rotation with the team.
Royal Caribbean Cruises
The Identity and Access Management Engineer reports to the Director of Identity & Access Management (IAM). The IAM Engineer performs user provisioning and identity management across unautomated provisioned systems within the IDM portfolio stack; through the establishment and maintenance of identities and the assignment of access rights as part of the IDM lifecycle. Research, evaluate, develop, and implement processes that continually enhance identity management. Work with business units, Internal Audit, IT teams and vendors to deliver enterprise class IAM services while supporting the goals and objectives of the organization.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Work on automation and scripting to enable self-service environments and processes where practical
Configure and maintain IAM technology stack; Integrate and maintain SSO with business applications (on/off board)
Work with the IAM team to implement and automate processes
Serve as subject matter expert in *nix authentication and authorization capabilities
Create, support, maintain custom scripts or code on the IAM stack
Provide consultation on internal projects focusing on business needs with identity management, manage IAM change management requests, and work with internal IT teams
Evaluate and monitor project efforts, timelines, and task management
QUALIFICATIONS:
Ideal candidate will have 3+ years of experience working within the information security and/or identity management disciplines
3 + years of experience with software or systems engineering
3+ years of experience with Java, JavaScript, C#, WebServices, etc
3+ years of experience with LDAP, Kerberos, SSO, ADFS, Open DS, SAML, OAuth, AuthO, etc
3+ years of experience design, implementation, integration, and testing using Azure AD, LDAP, OKTA, SailPoint, Saviynt, CyberArk, Xceedium, Centrify, and CA PAM or Beyond Trust
3+ years of experience with implementing or maintaining large-scale identity and access management solutions
1+ years of experience design, implementation, integration, and testing using HYPR passwordless solutions
Knowledge of multi-factor authentication technologies and ABAC designs
Experience or comfort with FIDO UAF and FIDO2
Work experience of HYPR FIDO Control Center
Prior experience with identity management tools (e.g. Centrify, Archer, Okta, SailPoint, Saviynt, Radiant Logic, Forge Rock,etc)
Understanding of DevOps tools (Bit bucket, Jenkins, Jules, Automated deployment tools) with CICD capabilities.
Provisioning and workflow tools such as Sailpoint, Saviynt, Micro Focus/NetIQ, ForgeRock, One Identity etc.
Solid experience with databases, LDAP and directory services application servers, operating systems and network infrastructure.
Exposure to J2EE/.Net and vendor-based applications.
Automation experience with Ansible play books and programming languages like Java, Perl, Python or Powershell scripting.
Solid communication skills coupled with eagerness to learn.
An understanding of troubleshooting and configuring connectors, Privileged ID Management, and API integrations.
Prior experience request/approval process, on/off boarding, user access reviews and a substantial portion of experience in a role that includes the job duties noted above.
A university degree in the field of computer science, IT or Information Security
Security industry certifications are a plus
KNOWLEDGE AND SKILLS:
Demonstrates strong organization skills and time management.
Ability to manage multiple tasks / projects while ensuring deadlines are met.
Knowledge and experience with Active Directory, LDAP, DB, UNIX/Linux, AWS IAM.
Experience with Web Access Management Single Sign On tools: SecureAuth, Siteminder, PingAccess, PingFederate, ForgeRock, OKTA, Azure.
Integration experience with SAML, OpenID Connect, Oauth.
Integration experience with Multi Factor Authentication.
Integration experience with passwordless authentication
User directories: Understanding of LDAP, Virtual Directory Services, Directory Services, and Active Directory.
Experienced with PAM, IGA, DS, SIEM.
Experience with PCI and SOX audits.
Exceptionally self-motivated, effective multi-tasking, and thrives in a small team environment.
Possess excellent analytical, evaluative, and problem-solving abilities.
Good understanding of ABAC methodologies.
Understanding of Identity and Access Management principles and processes.
Possess excellent written and oral communication skills including the ability to articulate requirements to both technical and non-technical audiences.
Good interpersonal skills.
Work Environment:
Requires travel to support internal business partners (RCL offices, ships, international, and 3rd party service provider facilities).
Requires 24x7 operational support on a monthly rotation with the team.
Royal Caribbean Cruises
Other Info
Philippines
Permanent
Full-time
Permanent
Full-time
Submit profile
Royal Caribbean Cruises
About the company
Position sr eng, identity & access m gmt recruited by the company Royal Caribbean Cruises at , Joboko automatically collects the salary of , finds more jobs on Sr Eng, Identity & Access Mgmt or Royal Caribbean Cruises company in the links above
About the company