AVP, Identity & Access Management Architect and Operations Lead (Permanent – Onsite – Orlando, FL)
An opportunity has come through our network for an AVP, Identity & Access Management (IAM) Architect and Operations Lead at a leading global provider of vacation ownership, rental, and resort experiences. This permanent position, based onsite in Orlando, Florida, is crucial for spearheading the strategy, planning, evaluation, and implementation of the entire IAM stack across the organization.
The company is currently undergoing a significant technology transformation, with a focus on modernization to enhance customer relationships and expand accessibility across all experiences and destinations. Their ambitious goal is to become a technology leader in hospitality, and they are seeking individuals eager to bring their expertise long-term. Under new leadership, the entire Global Technology organization, including Engineering & Operations, Data Platforms & Engineering, Artificial Intelligence, Information Security, Privacy, Infrastructure, Products & Platforms, Delivery Office, and the Office of the CIO, has been reinvigorated and is primed for substantial growth. The business intends to double its spending on Technology across the organization for each of the next three years, offering a unique opportunity to be a part of this journey and drive innovation through technology adoption.
The Role: Guiding IAM Strategy and Operations in Hospitality
Reporting to the VP of Information Security Architecture, this pivotal role will guide and oversee all IAM functions across the enterprise. You will be instrumental in developing a centralized provisioning IAM engine, managing hybrid cloud environments, securing privileged access, and shaping the security vision for advanced IT architectures.
- Architect, Implement, and Manage Comprehensive IAM Systems: You will lead the effort to architect, implement, and comprehensively manage all IAM systems, including complex Customer IAM (CIAM) solutions tailored for consumer-facing interactions in the hospitality sector. Your responsibilities will span all facets of Identity and Access Management, encompassing Identity Governance (managing user lifecycles, access certifications, and policy enforcement), Access Management (controlling user access to various resources), and Privileged Access Management (PAM) (securing elevated access for critical systems).
- Develop Centralized Provisioning Engine and Manage Workflows: A key responsibility will be to develop a centralized provisioning IAM engine designed for all business and workforce applications. This includes implementing automated workflows and robust review certification processes to ensure accurate and timely access provisioning and de-provisioning, streamlining operations, and enhancing security.
- Oversee Hybrid Cloud IAM Management: You will architect and manage IAM across the hybrid cloud, ensuring seamless and secure identity synchronization and access controls across both on-premises infrastructure and various cloud environments. Your expertise will be vital in navigating the complexities of hybrid cloud identity.
- Lead Authentication and Authorization Strategy: You will drive the strategy and implementation for authentication and authorization mechanisms. This includes defining and deploying robust solutions for user verification, single sign-on (SSO), multi-factor authentication (MFA), and secure access policies across diverse applications and platforms. Your proficiency in J2EE, .Net, Service Oriented Architecture (SOA), Web Services, LDAP, XML, OAuth, OpenID, and SAML 2.0 is essential for these efforts.
- Manage Privileged Access Management (PAM): You will oversee and implement comprehensive Privileged Access Management (PAM) solutions. This involves securing, monitoring, and auditing privileged accounts and sessions to prevent unauthorized access and mitigate insider threats for critical systems and data.
- Design and Select Information Security Solutions: You’ll be instrumental in designing, specifying, and selecting business application information security solutions. This requires a holistic approach, considering not only core functionality but also critical aspects of data security, privacy, interoperability, scalability, and performance for advanced IT architectures.
- Contribute to Global Enterprise Cloud Architecture: This role will directly contribute to the global enterprise cloud architecture by ensuring that IAM principles and solutions are integrated into cloud designs from the ground up. You will also lead the security vision and strategy specifically around business-focused identity management and information security within the evolving cloud landscape.
- Manage Performance Tuning, Backup, and Recovery: You must possess expert knowledge in performance tuning for modern identity management systems, ensuring optimal responsiveness and throughput. You’ll also oversee and implement robust backup and recovery methods across multiple computing environments for IAM systems, guaranteeing data integrity and business continuity.
- Ensure Audit and Compliance: You will drive efforts related to audit and compliance for IAM. This includes conducting regular audits to ensure systems and processes adhere to established IAM standards, internal policies, and regulatory requirements, such as HIPAA, GDPR, PCI-DSS, and SOX. Your vigilance ensures continuous adherence to stringent financial and privacy regulations.
- Champion Information Security Principles: You will champion information security principles and best practices on key customer feature development projects. This involves actively collaborating with development teams to design secure architectures and ensure that developed systems align with the company’s security strategy and policy from inception.
- Lead Integration Definition and Methodology: You will lead the definition and methodology for ensuring applications and processes are fully integrated with our client’s digital and service delivery platforms. This includes standardizing integration patterns and ensuring seamless connectivity and secure data exchange between IAM and various enterprise systems.
- Ensure Application Security Adherence and Design Mitigation Solutions: You will ensure that company-developed and third-party applications strictly adhere to security best practices and principles. For applications that do not initially meet these standards, you will skillfully design mitigation solutions to bring them into compliance, reducing the firm’s attack surface.
- Create Security Architecture Documentation: You will be responsible for meticulously creating security architecture documentation, including architecture frameworks, design patterns, logical and physical diagrams, and established standards for future reference and review.
- Partner with Leadership on Security and Data Privacy: You will foster strong partnerships with leaders across the Information Security and Data Privacy organization, as well as other organizational leads, to align on strategy and ensure integrated security approaches.
- Provide Strategic Solutions to Application Security Hurdles: You will work directly with peers and/or third parties to provide strategic mitigations and solutions to solve major application security hurdles by evaluating business strategies and requirements, addressing complex challenges in a collaborative manner.
- Study Architecture to Identify Integration Issues and Cost Estimates: You will study the overall architecture/platform to identify potential integration issues between various systems and prepare accurate cost estimates for proposed solutions, aiding in strategic planning and resource allocation.
Summary of Contributions: Impacting Business Outcomes
As an AVP, IAM Architect and Operations Lead, you will:
- Contribute significantly to team, department, and/or business results by performing complex quantitative and qualitative analysis for business processes and/or projects. You will often manage small projects, business processes, or parts of larger ones, driving tangible improvements.
- Respond to, solve, and make decisions on more complex/non-routine business requests with limited to moderate risk, demonstrating sound judgment and problem-solving capabilities.
- Assist more senior associates in achieving business results by identifying opportunities to enhance the effectiveness of business processes, participating in setting department operating plans, and achieving results against budget within scope of responsibility.
- Demonstrate a keen awareness of personal strengths and areas for improvement, and act independently to continuously improve and increase skills and knowledge, embodying a commitment to professional growth.
- Perform other duties as appropriate, showing flexibility and willingness to contribute beyond defined responsibilities.
What You Bring: Qualifications for IAM Architecture Leadership
To excel as an AVP, Identity & Access Management Architect and Operations Lead, you’ll need extensive progressive experience in information security, deep expertise in identity management, and proven technical leadership across various platforms and technologies.
- Extensive Information Security Experience: You possess 10+ years of progressive experience in a relevant Information Security discipline, with 8+ years of specific experience in Information Security itself. This extensive background indicates a seasoned professional with deep practical knowledge of cybersecurity principles and enterprise security management.
- Proven Identity Management Leadership: You have proven experience managing mid to large-sized Identity Management shops. This demonstrates your leadership capabilities in overseeing IAM operations, guiding teams, and implementing comprehensive identity solutions within a significant enterprise environment.
- Compliance Framework Experience: You have experience with one or more of the following industry-recognized compliance standards: ISO 27001 (Information Security Management), NIST (National Institute of Standards and Technology) frameworks, CIS (Center for Internet Security) standards, or SOC 2 (Service Organization Controls 2) Controls. This ensures your approach to IAM aligns with global best practices and regulatory requirements.
- Hands-on Cloud Expertise: You possess hands-on technical expertise with AWS (Amazon Web Services) and Microsoft Azure/Entra ID. This includes deep understanding and practical experience in securing and managing identities, access, and resources within these major cloud platforms, crucial for hybrid cloud management.
- Proficiency with Modern Identity Management Systems: You have demonstrated proficiency with modern Identity Management systems such as OCI (Oracle Cloud Infrastructure) Identity, SailPoint, Saviynt, BeyondTrust, and CyberArk. This indicates your practical experience in deploying, configuring, and leveraging these enterprise-grade IAM solutions.
- Expert Knowledge in Modern Identity Management Approaches: You possess expert knowledge in modern identity management approaches, including administration, identity cloud services, custom connector development, installation and configuration, performance tuning, and backup and recovery methods across multiple computing environments.
- Proficiency in J2EE, .Net, SOA, Web Services, LDAP, XML, OAuth, OpenID, SAML 2.0: You are highly proficient in a wide array of core technologies, including J2EE (Java 2 Platform, Enterprise Edition), .Net, Service Oriented Architecture (SOA), Web Services, LDAP (Lightweight Directory Access Protocol), XML (Extensible Markup Language), OAuth, OpenID, and SAML 2.0 (Security Assertion Markup Language). These skills are critical for integrating and securing diverse applications and identity systems.
- SQL Database Knowledge: You have knowledge of SQL databases and the ability to support other areas or functions as needed. This indicates your understanding of relational databases and their interaction with IAM systems.
- Exceptional Critical Thinking and Thought Leadership: You demonstrate exceptional critical thinking skills and thought leadership, with the ability to comprehend complex problems, draw logical conclusions, make sound decisions, develop innovative solutions, and effectively negotiate to drive closure of complex challenges.
- Proven Security Solutions Track Record: You have a proven track record and experience in developing comprehensive security solutions that consistently meet objectives of excellence in a dynamic environment, particularly in securing enterprise IT systems.
- Strong Knowledge of Enterprise IT Systems and Security Technologies: You possess strong demonstrated knowledge of enterprise IT systems, cloud solutions, and security technologies, providing a holistic view of the technology landscape.
- Communication Skills: You have the ability to communicate complex messages in a simple, clear, and concise manner to various IT and non-IT teams, ensuring understanding and alignment.
- Broad Cybersecurity Experience: You bring broad and diverse experience across cybersecurity strategy, operations, security architecture, cloud security, and identity and access management, showcasing a well-rounded security profile.
- Knowledge of Identity Management Concepts: You have deep knowledge of identity management, role/attribute-based access control, and authentication systems.
- Technical Proficiency in Cybersecurity Controls: You demonstrate technical proficiency in applying cybersecurity controls, indicating hands-on experience in securing systems and data.
- Ability to Oversee Complex Initiatives: You possess the ability to oversee and execute highly complex, cross-organizational initiatives, driving large-scale projects to successful completion.
- Executive-Level Engagement: You have the ability to engage executive-level stakeholders on complex matters with limited oversight and guidance, demonstrating strong leadership presence and influencing skills.
- Strategic and Tactical Thinking: You have the ability to think strategically and tactically, making effective decisions that align with both short-term operational needs and long-term organizational goals.
- Relevant Cybersecurity Certification(s): You hold relevant Cybersecurity Certification(s) such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CIAM (Certified Identity and Access Manager), or equivalent credentials, validating your expertise.
- Project Driving and Problem Ownership: You are able to drive projects and own problems within a security environment, demonstrating accountability and initiative.
- Strong Organizational Skills: You possess strong organizational skills with demonstrable planning and time management capabilities.
Education & Certifications: Formalizing Your Expertise
- Bachelor’s Degree: A Bachelor’s degree in Computer Science, Information Technology, or a related discipline, or equivalent work experience, is required.
- Master’s Degree (Preferred): A Master’s degree in information security or a related discipline is preferred, indicating advanced academic specialization.
- Certifications:
  - Certified Identity and Access Management (CIAM): A key certification for this role.
  - Global Information Assurance Certification (GIAC) Identity Management: Another highly relevant certification.
  - OCI (Oracle Cloud Infrastructure) Oracle Identity Manager: Specific expertise in Oracle’s IAM solution.
  - SailPoint IIQ Administrator: Proficiency in administering SailPoint IdentityIQ.
Job Features
Job Category: IT, Security