Engineer, IAM

KEY RESPONSIBILITIES

Join the Royal Caribbean Group as part of a dynamic and growing Identity and Access Management team in Manila, Philippines. You'll work with cutting-edge technologies to enhance security and single sign-on (SSO) experiences for enterprise applications across our organization.

The Entra IAM Engineer is a key member of the IAM team, reporting to the Manager of Identity & Access Management, Operations. You’ll contribute to onboarding enterprise applications to Microsoft Entra ID, configuring security settings, managing identity lifecycle processes, and ensuring the platform operates securely and efficiently.

As a combined engineering and operations team, we value creative problem-solving and efficiency. This role offers opportunities to grow and develop your expertise in IAM technologies while working with a global organization.

QUALIFICATIONS AND EDUCATION

• 3+ years of experience in Identity and Access Management or related disciplines.
• Hands-on experience with Microsoft Entra ID (formerly Azure AD) and enterprise application security configuration.
• A university degree in computer science, IT, or information security is preferred, but equivalent work experience is acceptable.
• Security industry certifications are a plus (e.g., Microsoft Certified: Security, Compliance, and Identity Fundamentals).

FINANCIAL/QUANTITIVE RESPONSIBILITIES

• Manage and maintain ongoing IAM configuration in Microsoft Entra ID, ensuring system availability, performance, and compliance.
• Onboard enterprise applications to Microsoft Entra ID, configuring SSO using SAML, OAuth2, and OIDC protocols.
• Collaborate with teams to implement and manage security configurations in Microsoft Entra ID, improving the overall security posture of the organization.
• Monitor and analyze user access activities and enforce security policies.
• Automate IAM lifecycle management processes using DevOps tools and methodologies.
• Continuously improve the reliability, scalability, and security of IAM solutions.

KNOWLEDGE AND SKILLS

• Microsoft Entra ID (Azure AD) security and SSO configuration.
• SSO technologies such as SAML, OAuth2, OIDC, and Kerberos.
• Identity lifecycle management and user provisioning/deprovisioning processes.
• Active Directory user security and group management.
• Operational management of IAM technologies, including cloud-based solutions.
• DevOps tools for automation (e.g., Git, Jenkins, Ansible, etc.).
• Basic scripting languages: PowerShell, Python, or similar.

We expect that you:

• Demonstrate strong organization and time management skills.
• Proactively identify and address challenges.
• Manage multiple tasks/projects while meeting deadlines.
• Possess excellent analytical and problem-solving abilities.
• Communicate effectively with technical and non-technical audiences.
• Work well in a team and possess strong interpersonal skills.

HOW HAS THE JOB CHANGED/GROWN

(Only needed if we need to re-evaluate and grade the job. Please explain what’s different with the scope from before.)

INTERNAL/ EXTERNAL RELATIONSHIPS

List here the internal (company) and external (market) main interactions within and outside the organization, including the purpose of interaction and frequency.

PHYSICAL REQUIREMENTS

Use this section to list the physical requirements to perform the daily tasks and job duties.

WORKING CONDITIONS

• Requires 24x7 operational support on a monthly rotation with the team.