AVP, Identity & Access Management Architect and Operations Lead

We are excited to be partnering with a leading global provider of vacation ownership, rental, and resort experiences, who are known for their vacation club memberships, timeshare properties, and luxury travel options across a portfolio of high-end resorts and destinations. With a strong focus on customer service, they offer flexible vacation solutions such as points-based systems and exchange programs, and operate under multiple well-known hospitality brands.

They are looking for an AVP, Identity & Access Management (IAM) to spearhead the strategy, planning, evaluation, and implementation of the entire IAM stack across the organization.

Currently the business is undergoing a technology transformation, with a focus on modernization to improve relationships with customers and further expand their accessibility across all experiences and destinations. The goal is to be a technology leader in hospitality, and they are looking for individuals eager to bring their expertise to the organization long-term.

Under new leadership, the team has been reinvigorated and are primed for growth across their entire Global Technology organization including Engineering & Operations, Data Platforms & Engineering, Artificial Intelligence, Information Security, Privacy, Infrastructure, Products & Platforms, Delivery Office, and the Office of the CIO. The business intends to double it's spending on Technology across the organization for each of the next 3 years. This is your opportunity to be a part of the journey and drive innovation through technology adoption.

The Role

Reporting to the VP of Information Security Architecture, this role will play a pivotal part in guiding and overseeing IAM functions across the enterprise, including developing a centralized provisioning IAM engine for all business and workforce applications, workflow and review certification, audit and compliance, hybrid cloud management, privileged access management, authentication, and authorization.

This leader must possess expert knowledge in modern identity management approaches, administration, identity cloud services, custom connector development, installation and configuration, performance tuning, backup, and recovery methods across multiple computing environments. Proficiency in J2EE, .Net, Service Oriented Architecture (SOA), Web Services, LDAP, XML, OAuth, OpenID, and SAML 2.0 is essential. Additionally, knowledge of SQL databases and the ability to support other areas or functions as needed is required.

You'll also be designing, specifying, and selecting business application information security solutions, considering functionality, data, security, privacy, interoperability, scalability, and performance for advanced IT architectures. This role will directly contribute to the global enterprise cloud architecture and lead the security vision and strategy around business-focused identity management and information security.

Summary of Contributions

• Contributes to team, department, and/or business results by performing complex quantitative and qualitative analysis for business processes and/or projects. Often manages small projects, business processes, or parts of larger ones.
• Responds to, solves, and makes decisions on more complex/non-routine business requests with limited to moderate risk.
• Assists more senior associates in achieving business results by:
• Identifying opportunities to enhance the effectiveness of business processes.
• Participating in setting department operating plans.
• Achieving results against budget within scope of responsibility.
• Demonstrates an awareness of personal strengths and areas for improvement and acts independently to improve and increase skills and knowledge.
• Performs other duties as appropriate.

Responsibilities

• Architect, implement, and manage IAM systems, including Customer IAM (CIAM) solutions.
• Architect and manage across all facets of IAM (Governance, Access Management, Privileged Access Management).
• Identify and address issues related to IAM performance.
• Provide technical leadership for the integration of IAM systems.
• Ensure alignment between IAM standards and business objectives.
• Develop and maintain IAM policies, procedures, and standards.
• Work with stakeholders to understand their IAM requirements and translate them into technical specifications.
• Perform audits to ensure systems comply with established IAM standards and policies.
• Provide support and guidance to team members regarding IAM.
• Ensure IAM systems are regularly updated and remain secure against potential threats.
• Document IAM strategies and systems for future reference and review.
• Participate in significant application development projects to design secure architectures and ensure developed systems align with MVW security strategy and policy.
• Maintain security architecture documentation, including architecture frameworks, design patterns, logical and physical diagrams, and standards.
• Enhance Security team capabilities by mentoring junior team members.
• Champion information security principles and best practices on key customer feature development projects to help design secure architectures and ensure developed systems align with MVW security strategy and policy.
• Lead the definition and methodology for ensuring applications and processes are fully integrated with our digital and service delivery platforms.
• Ensure company-developed and third-party applications adhere to security best practices and principles, and design mitigation solutions for applications to meet these standards.
• Create security architecture documentation, including architecture frameworks, patterns, and standards.
• Partner with leaders across our Information Security and Data Privacy organization, as well as other organizational leads.
• Work directly with peers and/or third parties to provide mitigations and strategic solutions to solve major application security hurdles by evaluating business strategies and requirements.
• Study architecture/platform to identify integration issues and prepare cost estimates.

Skills and Attributes

• Exceptional critical thinking skills and thought leadership with the ability to comprehend complex problems, draw logical conclusions, make sound decisions, develop solutions, and negotiate and respond accordingly to drive closure of complex challenges.
• Proven track record and experience in developing comprehensive security solutions that meet the objectives of excellence in a dynamic environment.
• Strong demonstrated knowledge of enterprise IT systems, cloud solutions, and security technologies.
• Ability to communicate complex messages in a simple, clear, and concise manner to various IT and non-IT teams.
• Broad and diverse experience across cybersecurity strategy, operations, security architecture, cloud security, and identity and access management.
• Knowledge of identity management, role/attribute-based access control, and authentication systems.
• Demonstrated technical proficiency in applying cybersecurity controls.
• Ability to oversee and execute highly complex, cross-organizational initiatives.
• Ability to engage executive-level stakeholders on complex matters with limited oversight and guidance.
• Ability to think strategically and tactically, with effective decision-making skills.
• Relevant Cybersecurity Certification(s) (CISSP, CISA, CIAM, etc.).
• Able to drive projects and own problems within a security environment.
• Strong organizational skills with demonstrable planning and time management capabilities.
• Experience driving projects and owning problems within a security environment.

Qualifications

• 10+ years of progressive experience in relevant Information Security discipline and 8+ years of experience in Information Security.
• Proven experience managing mid to large-sized Identity Management shops
• Experience with one or more of the following: ISO 27001, NIST, CIS standards, or SOC 2 Controls.
• Hands-on technical expertise with AWS and Microsoft Azure/Entra ID.
• Demonstrated proficiency with modern Identity Management systems such as OCI, Sailpoint, Saviynt, BeyondTrust, and CyberArk.

Education & Certifications

• Bachelor's degree in Computer Science, Information Technology, or related discipline or equivalent work experience.
• Master's degree in information security or related discipline preferred.
• Certified Identity and Access Management (CIAM)
• Global Information Assurance Certification (GIAC) Identity Management
• OCI Oracle Identity Manager
• SailPoint IIQ Administrator