Lead Systems Engineer - Identity and Access Management (IAM)

Location

Central, LA | United States

Job description

Enterprise Mobility is the world’s largest car rental operator and an industry leader in mobility and technology . We’re one of the top global travel companies, ranking ahead of many airlines and most cruise lines and hotels. And no matter what transportation challenges our customers face, we have an innovative solution.

We operate the Enterprise Rent-A-Car National Car Rental and Alamo Rent A Car brands via more than 10,000 fully staffed neighborhood and airport offices, including franchisee branches, in over 90 countries and territories.

Through this robust global network, we operate a fleet of over 2.3 million vehicles and provide a comprehensive portfolio of transportation solutions, including car rental, carsharing, vanpooling, car sales, truck rental, vehicle-subscription and affiliated fleet management services. As a total mobility provider, we serve the needs of a wide variety of customers, businesses, government agencies and organizations every day.

At the center of it all, our dedicated IT teams innovate, design and develop the technology that is redefining how customers rent, buy and share vehicles from our family of brands. Here, you will be part of a diverse and talented team that creates and delivers powerful technology solutions for our customers and employees across the world with the resources and support to develop in a variety of career paths.

As an Enterprise employee, we offer an excellent package with market-competitive pay, comprehensive healthcare packages, 401k matching & profit sharing, schedule flexibility, work from home opportunities, paid time off, and organizational growth potential.

This position is open to candidates who wish to work from home (WFH). Employees who choose virtual / remote work should have an adequate space to serve as their home office.  #LI-REMOTE

Responsibilities

The Identity and Access Management (IAM) team has an exciting opportunity for a Lead Systems Engineer (Engineer 3 , Systems)!

The Identity and Access Management team at Enterprise Mobility is responsible for protecting all company resources and intellectual property through strict and consistent access control policies that ensure data and systems remain confidential, trustworthy, and available to our employees, partners, and customers.  We ensure that users have the appropriate level of access to the proper resources at the appropriate time. Our team is currently transforming our processes, policies, and tooling to support a Zero Trust architecture that will reduce risk, reduce cost, and increase our capabilities across all of our platforms and environments, all while enhancing the end user experience. We are searching for a passionate, self-starter who can help lead the organization in this transformation journey and propel us into the future of IAM. 

As an Engineer 3 you will be responsible for:

• Providing analysis, design, development, implementation, and support of identity solutions and related technologies
• Partnering with various IT teams, vendors, and lines of business to ensure solutions are built to best practices and will meet all applicable business, legal, and audit requirements
• Creating and maintaining accurate documentation of technical requirements, designs, infrastructure, and support processes
• Proposing software and/or configuration enhancements to adapt to changes in business requirements or to gain efficiencies through automation
• Improving identity and access management solutions and systems for protection against evolving threats and efficiency
• Coaching and developing other members of the organization on the best practices that should be followed in identity and access management
• Managing access and permissions where necessary and implementing automated solutions
• Troubleshooting and managing issues related to identities, systems access accounts, authentication, authorization, entitlements, and permissions
• Supporting an IAM technology stack including monitoring, hygiene, enhancements, development, and other activities to ensure the security systems are operational and effective
• Obtaining an in-depth understanding of IAM enterprise technologies, as well as key business and security drivers as they relate to the projects
• Driving continual improvement processes to enhance the end-user experience, increase technology value, and improve security posture

Key Characteristics:

• Intellectual curiosity. People who require strict work boundaries and/or prefer to focus within a single technical domain may not be as well drawn to this role. 
• We are looking for someone with passion who loves a challenge. This person has strong engineering instincts and can sense risks while navigating towards solutions.
• Automate everything mentality. Understanding how to integrate disparate technologies using vendor APIs and orchestration tools is paramount to the success of this candidate. This person needs to be interested in more than clicking a button; this person must be involved in replacing button clicks with automation.
• Ability to see the bigger picture. This person will understand the connections among all elements of a solution. They will help others see how their systems and related decisions connect to the bigger picture and affect success.
• Communication skills. This person is an active listener and a fully engaged communicator. They will engage in projects and not wait for questions to be packaged up and delivered - rather, they will actively participate in the projects assigned.
• Comfortable with uncertainty (and the certainty of change). This person can anticipate change and is willing to embrace uncertainty, confidently knowing that they can be patient and adapt.
• Execution orientated. This person has a strong sense of initiative and can define their path forward from a high-level vision. 

Equal Opportunity Employer/Disability/Veterans

Qualifications

Required:

• Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
• Bachelor's degree in Computer Science, Computer Information Systems, Management Information Systems, Cybersecurity, or related field is required
• 5+ years of related p rofessional experience developing, engineering, and administering an enterprise-grade IAM Platform (Ping, CyberArk, Microsoft, ForgeRock, Okta, etc.)
• 5+ years of experience working with Microsoft's Entra suite of products, specifically Entra ID ( formally Azure AD)
• 5+ years of experience working with Azure, AWS , or a cloud-hosted environment
• 5+ years of experience working in the IAM cybersecurity landscape including identity stores, authentication/authorization, strong authentication, multi-factor authentication, single sign-on (SSO), and privileged access management capabilities and methodologies
• 5+ years of working experience with authentication standards and technologies, such as multi factor authentication, JSON Web Token (JWT), OAuth, OIDC, SAML, etc.
• 3+ years of experience automating cloud deployments using Azure Resource Manager or HashiCorp Terraform
• Working knowledge of modern IT infrastructure components, including but not limited to: networking, load balancing, firewall rules, SSL, system management / monitoring, and hardware components (storage, CPU, etc.)
• Professional experience working with in ITIL processes such as Incident/Problem/Configuration/Change management
• Must be curious and interested in exploring modern technologies , and have a desire to push your skillset outside of your comfort zone
• Must be capable of leading meetings and discussions focused on the creation of the overall solution versus the underlying technology
• Ability to effectively prioritize work on multiple simultaneous requests and execute tasks in a fast-paced environment while balancing conflicting demands
• Effective communication skills with the ability to communicate technical details in a clear, concise, understandable manner  while being able to relate to, and influence, both technical and non-technical staff
• Must be committed to incorporating security into all decisions and daily job responsibilities

Preferred:

• Experience working with Privileged Access Management (PAM) and CyberArk
• Expert knowledge of protocol, Web APIs, XML, YAML, JSON, SOA/Web services and best practices
• Strong knowledge of RESTful services
• Experience in delivering software through entire SDLC process
• Experience in identity threat detection and response
• Basic understanding of Microsoft Security services (e.g., Microsoft Defender for Identity, Azure Information Protection, Microsoft Cloud App Security)
• Experience with one or more programming languages such as C++, Java, Python, JavaScript , or C#
• Intermediate level experience with PowerShell scripting
• Intermediate level experience with Microsoft SQL Server (nested queries, stored procedures, views, normalization, cluster, etc. )
• Intermediate level experience with Active Directory, ADFS (Active Directory Federation Services) , and Exchange / Exchange Online

Job tags

Salary