Careers

Where You Fit In

Inspiring opportunities in every corner of the world



ALREADY ENROLLED?

Update your data, view your application and progress

Login


ARE YOU A FORMER MANDARIN ORIENTAL COLLEAGUE OR INTERN?

Access the careers site exclusive to our Forever Fans for:

  • Priority consideration when applying
  • A fast-track interview & selection process and, upon successful rehire, a tailored colleague orientation experience
  • Access to MO Talks and priority registration to live webinars with industry experts and featured Forever Fans
  • A Knowledge Portal featuring ongoing relevant learning content and development guidance

Access


Job Search

Employment type

Department / Job Level

Property / Office

Clear Filters



Identity and Access Management (IAM) Engineer

Apply now Position: Identity and Access Management (IAM) Engineer (Full time #532719)
Property / Office: Corporate Office, Atlanta
Location: Atlanta, GA, United States

Mandarin Oriental Hotel Group is the award-winning owner and operator of some of the world’s finest hotels. The Group operates luxury hotels in key leisure and business destinations. In total Mandarin Oriental employs 9,000 colleagues in three continents with thirteen hotels in Asia, eight in The Americas and ten in Europe.

Some of the duties for this position are:

  • Operational management of technologies, tools and capabilities associated with Identity Lifecycle Management, Privilege Account Management, Enterprise SSO, MFA, Data Loss Prevention, and data classification.
  • Leads project team that Implements, maintains, and manages an Identity and Access Management (IAM) system for a centralized, role-based user provisioning, and de-provisioning program. This program will encompass an enterprise-wide ID creation, modification, and deletion process, providing Role Based Access Control (RBAC) to various applications, systems, and facilities globally, including, but not be limited to: Active Directory, LDAP; Databases: Oracle, Microsoft SQL; Identity Management Platforms; Microsoft Exchange, Linux/Unix, and multiple vendor SaaS applications.
  • Collaborate with cross functional teams in all business units and stakeholders to identify, recommend, and test IAM, Privileged Access Management (PAM), Cloud Access Security Broker (CASB) technologies, and processes with experience implementing modern authentication solutions leveraging SAML/OAuth/OIDC.
  • Supports user access control programs, designed to manage enterprise access rights to systems containing financial data and PCI-DSS regulations and requirements. Manages internal access review projects in partnership our internal controls team to satisfy all requirements to demonstrate full compliance.
  • Develop, document, implement, and manage an enterprise wide IAM framework, strategy, and roadmap that outlines and defines the tactical, operational, and strategic plans for IAM.
  • Additional duties as assigned by the Head of Cybersecurity.

Skills & Qualifications:

Bachelor’s Degree in Information Systems, Computer Science or equivalent combination of education, training, or work experience.
• Minimum 5-7 years in the information technology and/or security field
• Demonstrated understanding of authentication, authorization, role-based access, least privilege, and segregation of duties access control concepts for various operating systems like Red Hat Enterprise Linux (RHEL), Windows, MacOS, enterprise applications, and other technology solutions.
• Demonstrated experience with industry standard solutions in IAM application space like OAuth, authentication, authorization, Security Assertion Markup Language (SAML), FIDO, FIDO 2, and OpenID.
• Knowledge of identity integrations with modern human capital management (HCM) systems like Oracle, SAP, Ulti-Pro, Workday, and in-depth understanding of user life cycle processes with experience automating them.
• Experience with privacy and data protection requirements, data classification, and securing data through access management.
• Experience managing and supporting identity systems, such as Active Directory, Azure AD, Okta, Ping Identity, Oracle IAM, Hitachi ID Identity Manager, Saviynt, and SailPoint.
• One or more of the following industry certifications or equivalent is required: CISSP, CISM, GIAC.

If you are the person we are looking for, apply today.

Advertised: Eastern Standard Time
Applications close:

Back to search results Apply now Refer a friend

Make a Reservation