Apply now »

Sr Eng, Identity & Access Mgmt


The Identity and Access Management Engineer reports to the Director of Identity & Access Management (IAM). The IAM Engineer performs user provisioning and identity management across unautomated provisioned systems within the IDM portfolio stack; through the establishment and maintenance of identities and the assignment of access rights as part of the IDM lifecycle. Research, evaluate, develop, and implement processes that continually enhance identity management. Work with business units, Internal Audit, IT teams and vendors to deliver enterprise class IAM services while supporting the goals and objectives of the organization.




  • Work on automation and scripting to enable self-service environments and processes where practical
  • Configure and maintain IAM technology stack; Integrate and maintain SSO with business applications (on/off board)
  • Work with the IAM team to implement and automate processes
  • Serve as subject matter expert in *nix authentication and authorization capabilities 
  • Create, support, maintain custom scripts or code on the IAM stack 
  • Provide consultation on internal projects focusing on business needs with identity management, manage IAM change management requests, and work with internal IT teams
  • Evaluate and monitor project efforts, timelines, and task management



  • Ideal candidate will have 3+ years of experience working within the information security and/or identity management disciplines 
  • 3 + years of experience with software or systems engineering
  • 3+ years of experience with Java, JavaScript, C#, WebServices, etc
  • 3+ years of experience with LDAP, Kerberos, SSO, ADFS, Open DS, SAML, OAuth, AuthO, etc
  • 3+ years of experience design, implementation, integration, and testing using Azure AD, LDAP, OKTA, SailPoint, Saviynt, CyberArk, Xceedium, Centrify, and CA PAM or Beyond Trust
  • 3+ years of experience with implementing or maintaining large-scale identity and access management solutions
  • 1+ years of experience design, implementation, integration, and testing using HYPR passwordless solutions
  • Knowledge of multi-factor authentication technologies and ABAC designs
  • Experience or comfort with FIDO UAF and FIDO2 
  • Work experience of HYPR FIDO Control Center
  • Prior experience with identity management tools (e.g. Centrify, Archer, Okta, SailPoint, Saviynt, Radiant Logic, Forge Rock,etc)
  • Understanding of DevOps tools (Bit bucket, Jenkins, Jules, Automated deployment tools) with CICD capabilities.
  • Provisioning and workflow tools such as Sailpoint, Saviynt, Micro Focus/NetIQ, ForgeRock, One Identity etc. 
  • Solid experience with databases, LDAP and directory services application servers, operating systems and network infrastructure. 
  • Exposure to J2EE/.Net and vendor-based applications.
  • Automation experience with Ansible play books and programming languages like Java, Perl, Python or Powershell scripting. 
  • Solid communication skills coupled with eagerness to learn. 
  • An understanding of troubleshooting and configuring connectors, Privileged ID Management, and API integrations.
  • Prior experience request/approval process, on/off boarding, user access reviews and a substantial portion of experience in a role that includes the job duties noted above.
  • A university degree in the field of computer science, IT or Information Security
  • Security industry certifications are a plus



  • Demonstrates strong organization skills and time management. 
  • Ability to manage multiple tasks / projects while ensuring deadlines are met.
  • Knowledge and experience with Active Directory, LDAP, DB, UNIX/Linux, AWS IAM.
  • Experience with Web Access Management Single Sign On tools: SecureAuth, Siteminder, PingAccess, PingFederate, ForgeRock, OKTA, Azure.
  • Integration experience with SAML, OpenID Connect, Oauth.
  • Integration experience with Multi Factor Authentication.
  • Integration experience with passwordless authentication
  • User directories: Understanding of LDAP, Virtual Directory Services, Directory Services, and Active Directory.
  • Experienced with PAM, IGA, DS, SIEM.
  • Experience with PCI and SOX audits.
  • Exceptionally self-motivated, effective multi-tasking, and thrives in a small team environment.
  • Possess excellent analytical, evaluative, and problem-solving abilities.
  • Good understanding of ABAC methodologies.
  • Understanding of Identity and Access Management principles and processes.
  • Possess excellent written and oral communication skills including the ability to articulate requirements to both technical and non-technical audiences.
  • Good interpersonal skills.



Work Environment:

  • Requires travel to support internal business partners (RCL offices, ships, international and 3rd party service provider facilities).
  • Requires 24x7 operational support on a monthly rotation with the team.
  • #LI-DW1

Nearest Major Market: Miami

Apply now »