Journey with us! Combine your career goals and sense of adventure by joining our exciting team of employees. Royal Caribbean Cruises Ltd. is pleased to offer a competitive compensation & benefits package, and excellent career development opportunities, each offering unique ways to explore the world.
The Cyber Security IAM & APPSEC reports to the Director of Information Security for IAM & AppSec. The Manager of Cyber Security IAM & APPSEC will lead a team of administrators, analysts and engineers, owning enterprise identities and application security. Managing internal and external relationships as it pertains to the Royal IAM & AppSec stack. Leading project efforts, resources, deadlines, and metrics to support the overall IAM & AppSec ROI's.
Essential Duties and Responsibilities:
- Acts as intermediary and facilitator to help resolve ongoing complex technical issues;
- Manages the daily workload, distributes assignments to associates using a KANBAN approach;
- This includes, planning, monitoring, reviewing, and evaluate work products;
- Manage 3 rd party IAM & AppSec vendors workload, ensure tasks are deliver on time and within the allotted resource hours;
- Supports building the strategy and roadmap of the IAM & AppSec Program;
- Supports onboarding of applications to the Identity stack;
- Identify automation of manual processes to improve ROI of the program;
- Work towards identifying and closing potential security gaps within the organization;
- Manage, prepare, and respond to audit and regulatory inquires on a timely basis;
- Provide consultation on internal projects focusing on business needs;
- Evaluate and monitor project efforts, timelines, and task management;
- Creates team goals and communicates what the organization and department goals are;
- Experience coaching, mentoring, and driving high caliber employees;
- Requires travel to support internal business partners (RCL offices, ships, international, and 3rd party service provider facilities), post COVID.
Qualifications, Knowledge and Skills:
- Ideal candidate will have 5 - 7+ years of experience working within the information security and/or identity and/pr AppSec management disciplines
- A university degree in the field of computer science, IT or Information Security
- Security industry certifications are a plus
- Prior experience in leading people
- Technical experience in identity, systems engineering, security engineering, and/or devsecops;
- Understanding of IAM, Active Directory, Directory Services, SSO, CI/CD, containers/microservices, Cloud Security;
- Strong oral, written communication skills
- Ability to manage multiple tasks / projects while ensuring deadlines are met.
- Knowledge and experience with Active Directory, LDAP, DB, UNIX/Linux, AWS/Azure IAM.
- Experience with Web Access Management tools.
- Integration experience with SAML, OpenID Connect, Oauth, MFA.
- User directories: Understanding of LDAP, Virtual Directory Services, Directory Services, and Active Directory.
- Experienced with PAM, IGA, DS, SIEM.
- Knowledge and experience with OWASP Top 10 AppSec Framework & DevSecOps Pillars, including mobile.
- Experience with PCI and SOX audits.
- Exceptionally self-motivated, effective multi-tasking, and thrives in a team environment.
- Possess excellent analytical, evaluative, and problem-solving abilities.
- Understanding of Identity and Access Management & AppSec principles and processes.
- Possess excellent written and oral communication skills including the ability to articulate requirements to both technical and non-technical
It is the policy of the Company to ensure equal employment and promotion opportunity to qualified candidates without discrimination or harassment on the basis of race, color, religion, sex, age, national origin, disability, sexual orientation, sexuality, gender identity or expression, marital status, or any other characteristic protected by law. RCL and each of its subsidiaries prohibit and will not tolerate discrimination or harassment.