This job has expired and you can't apply for it anymore. Start a new search.

Engineer, Identity and Access Management Engineering

Engineer, Identity and Access Management Engineering
12 Jul 2017

Engineer, Identity and Access Management Engineering

With the widest range of places to stay, Wyndham Worldwide welcomes people to experience travel the way they want. As an integrated hospitality company, Wyndham provides travelers with access to a collection of trusted brands in hotels, vacation ownership, and unique accommodations. With a collective inventory of nearly 130,000 places to stay across 110 countries on six continents, Wyndham Worldwide and its 38,000 associates provide more travel choices than anyone else.

Our family of businesses includes Wyndham Destination Network, Wyndham Hotel Group and Wyndham Vacation Ownership. With this unmatched portfolio, we offer something no other hospitality company can - the opportunity to have a great travel experience regardless of the location or type of accommodation. Our suite of hospitality brands are category leaders today and are making bold moves to meet the needs of the future traveler. This is enhanced by Wyndham Rewards®, the Company's re-imagined guest loyalty program across its businesses, which is making it simpler for members to earn more rewards and redeem their points faster.

Wyndham Worldwide's culture of service and core values embrace a global workforce where individuals from all types of backgrounds, with different perspectives, are valued, supported, and encouraged to bring their whole self to work.

Primary Function:

The primary function of the Engineer, IAM Engineering, is to assist with coordination and execution of user provisioning and general maintenance activities for Identity Management technology and application environments in the Wyndham Enterprise. The Engineer, Identity and Access Management (IAM) Engineering will be part of a team reporting to the Senior Manager, Identity and Access Management Engineering to deliver services to the Wyndham Enterprise.


The Identity Management Engineer will have the following responsibilities
  • Automation account and access provisioning
  • Administration, maintenance and monitoring of Identity Management systems; including SailPoint IdentityIQ LifeCycle Manager, SailPoint IdentityIQ Compliance Manager, Okta and Oracle IDM Suite
  • Customization of the various identity management systems according with business specifications; these customization will include workflows, aggregation, provisioning, and reconciliation rules in SailPoint and Oracle IDM and authentication rules in Okta
  • Document technical design, configuration, customizations and technical specification documents
  • Perform functional and technical requirements gathering and analysis for an enterprise wide identity and access management program

User Access Management
  • The Engineer will perform account, access and group management in Okta using RESful APIs.
  • The Engineer will Configuration and support of various Okta features such as: Okta Desktop SSO (Kerberos/IWA), Multi-factor authentications with RSA
  • The Engineer will coordinate with the Business, HR and other stakeholders to determine employee or third party/vendor level of access and status (manually or via automated workflows).

Role Management and Design
  • The Engineer will oversee periodic compliance audits (i.e. access recertification) in conjunction with risk and compliance management for PCI, SOX, PII and BCP/DR related systems.
  • Manage remediation activities in response to access recertification, audit and/or assessment findings pertaining to inappropriate user access
  • Assist project teams with the design and implementation of user access roles at the application and technology infrastructure levels as necessary
  • Oversee communication between business and data owners to define appropriate user access levels corresponding to job responsibilities and requirements
  • Interface with information risk and compliance team to incorporate enterprise role design into system classifications and sensitivity as necessary

Solution Maintenance and Strategy
  • Develop Identity Management as a shared service in support of internal and external identity, access, and workflow needs
  • Work with IT in the design of an End User Directory Architecture
  • Monitor changes to identity and access management tools and ensures system is appropriately updated as needed
  • Provide oversight to validate that Identity Management activities align with security requirements set by the Information Security Policy and Architecture team as well as maximize efficiencies
  • Synchronize with the Information Risk and Compliance Management, Architecture teams and the Information Security Policy to develop new capabilities/functions


Skills and Experience:
  • Relevant background with Identity and Access Management solutions including cross platform Governance, Risk and Compliance modules
  • SailPoint IdentityIQ experience is highly desirable
  • 4 - 6 years of experience in relevant IT field
  • Knowledge of modern webservices and authentication concepts such as REST, CORS, and JSON
  • Knowledge of the Java programming language and SailPoint API
  • Knowledge of scripting languages such as PowerShell, Groovy, Python
  • Strong knowledge in LDAP and Active Directory Services
  • Knowledge of WebLogic administration or any other Java application server
  • Knowledge of Single Sign-On and Authentication and Authorization Services such as SAML 2.0 and OpenID Connect
  • Proficient in understanding of related information security and platform technologies (e.g. Windows/Unix operating systems, local and remote authentication methods, VPN, Oracle, etc.)
  • Must be analytical and detail oriented
  • Excellent written and verbal communications
  • CISSP Certification is a plus