Sr. Identity and Access Management Engineer in Raleigh, NC at Royal Caribbean Cruises Ltd.

Date Posted: 10/8/2019

Job Snapshot

Job Description

Great vacations begin with great employees!
Combine your experience and sense of adventure by joining our exciting team of employees in Raleigh, NC. Royal Caribbean Cruises Ltd. is pleased to offer a competitive compensation & benefits package, and excellent career development opportunities, each offering unique ways to explore the world. 

Position Summary:

The Sr. Identity and Access Management Engineer reports to the Director of Identity & Access Management (IAM). The Sr. IAM Engineer performs user provisioning and identity management across unautomated provisioned systems within the IDM portfolio stack; through the establishment and maintenance of identities and the assignment of access rights as part of the IDM lifecycle. Research, evaluate, develop, and implement processes that continually enhance identity management. Work with business units, Internal Audit, IT teams and vendors to deliver enterprise class IAM services while supporting the goals and objectives of the organization.

Essential Duties and Responsibilities:

Work on automation and scripting to enable self-service environments and processes where practical;

Configure and maintain IAM technology stack;

Integrate and maintain SSO with business applications (on/off board);

Set direction for engineering efforts and act as the functional technical leader during implementations;

Work with the IAM team to implement and automate processes;

Serve as subject matter expert in *nix authentication and authorization capabilities

Create, support, maintain custom scripts or code on the IAM stack

Provide consultation on internal projects focusing on business needs with identity management, manage IAM change management requests, and work with internal IT teams

Evaluate and monitor project efforts, timelines, and task management

All other duties as assigned.


Job Requirements

Knowledge and Skills:

  • Ideal candidate will have 5+ years of experience working within the information security and/or identity management disciplines
  • 3 + years of experience with software or systems engineering
  • 3+ years of experience with Java, JavaScript, C#, WebServices, etc
  • 3+ years of experience with LDAP, Kerberos, SSO, ADFS, Open DS, SAML, OAuth, AuthO, etc
  • 3+ years of experience design, implementation, integration, and testing using Azure AD, LDAP, OKTA, SailPoint, Saviynt, CyberArk, Xceedium, Centrify, and CA PAM or Beyond Trust
  • 3+ years of experience with implementing or maintaining large-scale identity and access management solutions
  • Knowledge of multi-factor authentication technologies and ABAC designs
  • Prior experience with identity management tools (e.g. Centrify, Archer, Okta, SailPoint, Saviynt, Radiant Logic, Forge Rock,etc)
  • Understanding of DevOps tools (Bit bucket, Jenkins, Jules, Automated deployment tools) with CICD capabilities.
  • Provisioning and workflow tools such as Sailpoint, Saviynt, Micro Focus/NetIQ, ForgeRock, One Identity etc.
  • Solid experience with databases, LDAP and directory services application servers, operating systems and network infrastructure.
  • Exposure to J2EE/.Net and vendor based applications.
  • Automation experience with Ansible play books and programming languages like Java, Perl, Python or Powershell scripting.
  • Solid communication skills coupled with eagerness to learn.
  • An understanding of troubleshooting and configuring connectors, Privileged ID Management, and API integrations.
  • Prior experience request/approval process, on/off boarding, user access reviews and a substantial portion of experience in a role that includes the job duties noted above.
  • A university degree in the field of computer science, IT or Information Security
  • Security industry certifications are a plus
  • Demonstrates strong organization skills and time management.
  • Ability to manage multiple tasks / projects while ensuring deadlines are met.
  • Knowledge and experience with Active Directory, LDAP, DB, UNIX/Linux, AWS IAM.
  • Experience with Web Access Management Single Sign On tools: SecureAuth, Siteminder, PingAccess, PingFederate, ForgeRock, OKTA, Azure.
  • Integration experience with SAML, OpenID Connect, Oauth.
  • Integration experience with Multi Factor Authentication.
  • User directories: Understanding of LDAP, Virtual Directory Services, Directory Services, and Active Directory.
  • Experienced with PAM, IGA, DS, SIEM.
  • Experience with PCI and SOX audits.
  • Exceptionally self-motivated, effective multi-tasking, and thrives in a small team environment.
  • Possess excellent analytical, evaluative, and problem-solving abilities.
  • Good understanding of ABAC methodologies.
  • Understanding of Identity and Access Management principles and processes.
  • Possess excellent written and oral communication skills including the ability to articulate requirements to both technical and non-technical audiences.
  • Good interpersonal skills.

It is the policy of the Company to ensure equal employment and promotion opportunity to qualified candidates without discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law. RCL and each of its subsidiaries prohibit and will not tolerate discrimination or harassment.


  1. Software Engineer Jobs
  2. Project Engineer Jobs

Stay Connected!

If you’re interested in career opportunities, but not ready to apply, join our Talent Network to stay connected to us and receive updates on the latest job opportunities and company news.