American Express Global Business Travel Identity and Access Management Engineer in Lansing, Michigan
The Identity & Access Management Engineer responsibilities will be to develop and support complex Identity and Access Management (IAM) systems and architecture initiatives by designing, coding, debugging, documenting and maintaining complex programs and systems and network activities. They serve as one of the technical leads for IAM projects and play an integral role in the delivery of new and improved IAM systems that are reliable and secure. They will support the definition and deployment of IAM capabilities and processes with a focus on cloud-based identity and access management services, including cloud capabilities such as federated services and privileged access management.
The IAM Engineer will ensure that any and all Identity and Access Management services are secure, available, efficient, and meet defined corporate service levels and compliance requirements.
Provide solutions and operations for Identity and Access Management services for our on-premises and cloud environments.
Architect and design IAM technology such as access management, directory services, federation (SAML, OAuth, OpenID Connect), Multi factor Authentication (MFA), Single Sign On (SSO), Active Directory, API gateway access control, identity governance & administration.
Engineer solutions to ensure that PAM solutions and services perform according to defined processes, meet defined policies and comply with information security requirements
Responsible for the oversight and successful implementation of a mechanism protecting privileged accounts across the organization, including areas such as Password Vaulting, Session Login, Session Recording and Break Glass solutions.
Support the development of security strategies and architecture vision as it relates to the GBT’s cloud initiatives, specifically setting the direction for IAM as it relates to cloud.
Provide IAM solutions for migrating or building new applications in the GBT environment across multiple Cloud providers including but not limited to Azure and AWS
Review the production readiness of technology solution implementations and application deployments and coordinates next steps across the involved teams
· Assist in identifying risks and issues and developing recommendations that address significant risks and complex issues
· Participate in production support remediation activities
· Collaborate with vendors on root cause analysis and helps drive mitigation or elimination actions for future incidents
· Ability to produce high-quality documentation appropriate for its intended audience; work with internal teams on user interface documents and tutorials; generate and maintain flowcharts, diagrams, process diagrams
Required Technical Skills:
8+ years of experience within corporate IT environment with minimum 4+ years of experience with IAM Engineering.
Knowledge of information security concepts. Deep working knowledge of at least one IAM tool/operating system.
Strong Preference for certifications such as CISSP or IAM tool specific certification
Experience with SSO/Federation (SAML, OAuth, FIDO2, Etc.), Multifactor Authentication along with experience in Directories, Delegated administration, API gateways, SOA services. (Okta, Ping)
Experience with Privileged Identity and Access Management (CyberArk, OneIdentity Safeguard)
Experience with world class IDM/IAM suites (Saviynt, SailPoint, OIM)
Experience with supporting IAM in a Cloud environment, including Azure or AWS
Strong preference for Certified Professionals with relevant Cloud Certifications
Experience in automation using PowerShell or other scripting languages
Experience working in an enterprise environment with Incident Management, Change Management, and SOX/PCI controls.
· University degree in Business, Information Technology, or equivalent combination of education and industry certifications (CISSP, or relevant certifications a plus)
· Strong interpersonal and consultative skills
· Ability to effectively prioritize and execute tasks in a high-pressure environment
· Excellent written & verbal communication skills
· Experience working in a team-oriented, collaborative environment
· Perform their duties under minimal supervision, exercising autonomy to review and fulfill their duties within the scope of their position
- Demonstrated experience leading and participating in troubleshooting, managing, and solving issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
It is our policy to provide equal employment opportunities to all individuals based on job-related qualifications and ability to perform a job, without regard to age, gender, gender identity, sexual orientation, race, color, religion, creed, national origin, disability, genetic information, veteran status, citizenship or marital status, and to maintain a non-discriminatory environment free from intimidation, harassment or bias based upon these grounds.
GBT Recruitment Privacy Statement at https://www.amexglobalbusinesstravel.com/gbt-recruitment-privacy-statement/
American Express Global Business Travel (GBT) is the world’s leading business partner for managed travel. We help companies and employees prosper by making sure travelers are present where and when it matters. We keep global business moving with the powerful backing of 16,000 travel professionals in more than 140 countries. Companies of all sizes, and in all places, rely on GBT to provide travel management services, organize meetings and events, and deliver business travel consulting.
American Express Global Business Travel
- American Express Global Business Travel Jobs