Engineer, IAM

POSITION SUMMARY

Join a dynamic and growing Identity and Access Management team, implementing the latest technologies to drive excellent experiences for our customers and internal workforce clients. 

The Identity Operations Engineer is a key member of the IAM team and reports to the Manager of Identity & Access Management, Operations.  You’ll never be bored, with opportunities to work on IAM application design and configuration, DevOps automation of IAM technologies across the hybrid cloud and fleet, and custom Java / scripting development.

As a combined engineering and operations team, we want people who think creatively about how to solve difficult Identity issues and how they can be run efficiently.  Our team offers the opportunity to grow and develop skills in new areas.

We want your experience and expertise, but most of all we want your enthusiasm to make our IAM solutions awesome!

KEY RESPONSIBILITIES

• Manage, maintain and document ongoing operations of IAM solutions, ensuring system availability, performance, and compliance.
• Monitor and analyze privileged access activities to detect and mitigate risks using automated monitoring and alerting tools.
• Use “Configuration as Code” and DevOps methodologies to ensure rapid implementation and deployment of IAM solutions.
• Work with the IAM team to implement and automate IAM lifecycle management processes.
• Work to continuously improve the performance, reliability, and security of the IAM platform.
• Responsible for operating and maintaining the access and identity management services supporting our Guests and internal stakeholders, including access and authorization services,

QUALIFICATIONS AND EDUCATION

• An ideal candidate will have 3 to 5 years of experience working within the identity management or privileged access management disciplines. 
• A university degree in the field of IT, computer science, engineering (computer/electronics and communications), or Information Security is preferred, but equivalent work experience is acceptable
• Security industry and vendor certifications are a plus (CompTIA Network+, Security+, AWS/Azure DevOps Engineer, AWS/Azure Security Engineer)
• Experience managing, integration and testing using one or more of the following technologies: Azure Entra ID (Active Directory), LDAP, ForgeRock, OKTA, SailPoint, Saviynt, CyberArk, Centrify, CA PAM, Beyond Trust
• Experience designing, developing, deploying, and operating AI and agentic AI tools (e.g., ChatGPT, Copilot, Claude, n8n).
• DevOps tools for code deployment and management (Git, Jenkins, Ansible, Puppet, etc.)
• Linux (RHEL) / UNIX / Windows system administration and security
• Experience with PowerShell, Python, Java, JavaScript, C#, etc.
• Experience with SSO technologies ( SAML, OAuth2, OIDC, Auth0, Kerberos, ADFS, etc. )
• Experience designing, deploying, and operating workloads across AWS, Azure, GCP, and on-premises environments, including hybrid/multi-cloud architectures, infrastructure-as-code, networking, security, and cost/performance optimizations.
• Possess excellent written and oral communication skills including the ability to articulate requirements to both technical and non-technical audiences.
• Knowledgeable in program and project management skills using Agile development framework

FINANCIAL/QUANTITIVE RESPONSIBILITIES

n/a

COMPARABLE POSITIONS/PEERS

n/a

HOW HAS THE JOB CHANGED/GROWN

n/a

INTERNAL/ EXTERNAL RELATIONSHIPS

The candidate will engage with the wider GIS team as well as internal and external stakeholders to deliver optimal IAM operations.

PHYSICAL REQUIREMENTS

WORKING CONDITIONS

• Requires 24x7 on-call operational support on a monthly rotation with the team.
• The candidate will need to be able to work the Manila daytime shift, as well as the mid-shift (3:00pm – 12:00am).  Candidates able to work the night shift (12:00am – 9:00am) will be looked at preferentially.
• Opportunity to work on cutting-edge IAM, PKI and PAM technologies within a global environment.