Staff Platform Engineer

Full Time

    Job Description

    The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. The Enterprise Technology organization drives our competitive advantage by enhancing consumer experiences, enabling business growth, and advancing operational excellence.

    We are looking for a Staff Platform Engineer to join Disney's Enterprise Technology Identity and Access Management (IAM) group. This group is responsible for providing a Core IAM ecosystem of products and platforms in use across the company by cast members, employees, and partners within Disney's business segments (DMED, DPEP, Studios, DGE) and Corporate functions. Our vision is to provide modern Identity and Access Management capabilities and services that are simple, seamless, and secure to protect our workforce, our data, and our brands.

    • Responsible for the integration, implementation, and transformation of vendor-based Identity and Access Management (IAM) products and platforms that support cast members, and employees, and partners of Disney.
    • Plans, validates, and executes on deliverables for technical integration and implementation of our IAM services in coordination with IAM domain architects, service managers/owners, software engineers, and our operations teams.
    • In collaboration with domain architects, defines/maintains all aspects of the platform engineering process including service/product technical evaluation process, lab testing, and service solution design.
    • Works closely with architects, service owners to ensure alignment with Enterprise Technology strategies, standards and policies.
    • Contributes to the platform/solutions engineering efforts for vendor-provided Enterprise IAM products and services. This includes: Active participant in IAM Transformation program and projects on a cross-functional team to progressively drive and execute on the lifecycle (adopt, evolve, retire/transform) of our IAM services at Disney
    • Evaluates capabilities of services/products and designs solutions/plans to deliver technology-current and business-aligned service offerings that evolve our cybersecurity defense
    • Identifying and implementing changes to the environment that equip both application owners and end users with an awesome IAM experience
    • Collaborates closely with software engineering teams in support of their custom developed solutions and products that integrate with vendor platforms
    • Communicating, project tracking, and status reporting on efforts as a participant on project and service teams
    • Maintains strong knowledge of emerging technologies and trends
    • Develops scripts to aid in automation and operations of service offerings
    • Recommend and integrate solutions to increase effectiveness and efficiency of solution architecture and engineering to further enhance support capabilities, documentation and reporting.

    Required Experience:
    • 8+ years of relevant experience in IT Enterprise Technology, supporting identity and access, enterprise platforms, and/or collaboration ecosystems within diverse enterprises.
    • 5+ years of experience managing Okta at scale within a medium-to-large enterprise environment.
    • 3+ years providing technical leadership and oversight to other engineers
    • 5+ years of experience with implementing or maintaining large-scale identity and access management solutions, experienced in areas such as: Products/Vendors: Okta, Active Directory (AzureAD/AD), Ping, Azure AD, SailPoint, BeyondTrust, Siteminder, Single Sign-On; Multi-Factor Authentication (MFA), Passwordless
    • Identity Federation, SSO, HCM (e.g., SAP, Workday) and IAM Data Integration
    • PAM, IGA
    • Protocols/Standards such as SAML, SCIM, OAuth2, OIDC, LDAP, FIDO2, Kerberos
    • Knowledge of ITIL concepts applied to operational procedures for end-user IT enablement
    • Demonstrable experience automating common operational tasks, web service/API integration, and deployment activities in scripting/programming languages (e.g. Python, PowerShell, JavaScript, etc.)
    • An understanding of core security concerns within a typical application (password hashing, SSL/TLS, encryption at rest, XSS, XSRF)
    • Team-oriented interpersonal skills with the ability to communicate and interact with a broad range of peoples and roles
    • Good organizational, analytical and problem-solving skills with multiple priorities under tight deadlines.
    • Expertise with Agile methodologies and delivering solutions through sprint planning activities
    • Okta Certified Professional, Okta Certified Administrator

    Preferred Experience:
    • Hands-on experience in one or more of the following areas is a plus: web development (JavaScript, HTML, frontend frameworks), middle-tier/backend (Java, C#, Node.js, Python, PHP, Ruby) development, IP-based real-time communications
    • Strong knowledge with sensitive data handling such as COPPA, PCI and PII, Safe Harbor
    • Familiarity with deployments and integration of IAM solutions with public cloud providers (Azure, AWS, Google Cloud)
    • Professional certifications in other identity and access management platforms and products (Active Directory, Ping, SailPoint)

    Required Education:
    • BS or BA degree in Information Technology, Information Security, Computer Science, or Business related field or equivalent proven work experience

    Preferred Education:
    • Master's degree in Information Technology, Information Security, Computer Science, or Business related field or equivalent proven work experience