The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. The Enterprise Technology organization drives our competitive advantage by enhancing consumer experiences, enabling business growth, and advancing operational excellence. Enterprise Technology is guided by the principles of being service focused and collaborative, being biased for action and innovation, and being efficient through leverage of TWDC scale and through continuous improvement.

We looking for a Staff Platform Engineer to join Disney’s Enterprise Technology Identity and Access Management (IAM) group. This group is responsible for providing a Core IAM ecosystem of products and platforms in use across the company by cast members, employees, and partners within Disney’s business segments (DMED, DPEP, Studios, DGE) and Corporate functions. Our vision is to provide modern Identity and Access Management capabilities and services that are simple, seamless, and secure to protect our workforce, our data, and our brands.

Responsibilities:

• Responsible for the integration, implementation, and transformation of vendor-based Identity and Access Management (IAM) products and platforms that support cast members, and employees, and partners of Disney.

• Plans, validates, and executes on deliverables for technical integration and implementation of our IAM services in coordination with IAM domain architects, service managers/owners, software engineers, and our operations teams.

• In collaboration with domain architects, defines/maintains all aspects of the platform engineering process including service/product technical evaluation process, lab testing, and service solution design.

• Works closely with architects, service owners to ensure alignment with Enterprise Technology strategies, standards and policies.

• Contributes to the platform/solutions engineering efforts for vendor-provided Enterprise IAM products and services. This includes: Active participant in IAM Transformation program and projects on a cross-functional team to progressively drive and execute on the lifecycle (adopt, evolve, retire/transform) of our IAM services at Disney

• Evaluates capabilities of services/products and designs solutions/plans to deliver technology-current and business-aligned service offerings that evolve our cybersecurity defense, and embrace both best practices and common standards.

• Identifying and implementing changes to the environment that equip both application owners and end users with an awesome IAM experience

• Collaborates closely with software engineering teams in support of their custom developed solutions and products that integrate with vendor platforms

• Communicating, project tracking, and status reporting on efforts as a participant on project and service teams

• Establishes close relationships with and provides oversight of vendor and supplier partners

• Maintains strong knowledge of emerging technologies and trends

• Develops scripts to aid in automation and operations of service offerings

• Recommend and integrate solutions to increase effectiveness and efficiency of solution architecture and engineering to further enhance support capabilities, documentation and reporting.

Required Experience:

• 8+ years of relevant experience in IT Enterprise Technology, supporting identity and access, enterprise platforms, and/or collaboration ecosystems within diverse enterprises.

• 5+ years of experience managing Okta at scale within a medium-to-large enterprise environment.

• 5+ years of experience with implementing or maintaining large-scale identity and access management solutions, experienced in areas such as: Products/Vendors: Okta, Active Directory (AzureAD/AD), Ping, Azure AD, SailPoint, BeyondTrust, Siteminder, Single Sign-On; Multi-Factor Authentication (MFA), Passwordless

• Identity Federation, SSO, HCM (e.g., SAP, Workday) and IAM Data Integration

• PAM, IGA

• Familiarity/experience with managing certificate lifecycle and integration

• Protocols/Standards such as SAML, SCIM, OAuth2, OIDC, LDAP, FIDO2, Kerberos

• 3+ years providing technical leadership and oversight to other engineers

• Knowledge of ITIL concepts applied to operational procedures for end-user IT enablement

• Cross-functional technology skills in areas such as public cloud, SaaS and on-prem applications and platforms, devices, and remote access

• Demonstrable experience automating common operational tasks, web service/API integration, and deployment activities in scripting/programming languages (e.g. Python, PowerShell, JavaScript, …)

• 3+ years’ experience in contributing to large, transformational IT initiatives

• 2+ years’ experience working with suppliers in an outsourced environment

• An understanding of core security concerns within a typical application (password hashing, SSL/TLS, encryption at rest, XSS, XSRF)

• Excellent written, verbal, and visual communication. Ability to connect with all partners, to include leadership, software and platform engineers, end users, and application owners.

• Ability to work collaboratively, establish credibility, and working relationships within Enterprise Technology and with Corporate and Segment partners

• Team-oriented interpersonal skills with the ability to communicate and interact with a broad range of peoples and roles

• Good organizational, analytical and problem-solving skills with multiple priorities under tight deadlines.

• Attention to detail, ability to execute process, and follow through on tasks

• Proven strong negotiating and consensus building activities

• Expertise with Agile methodologies and delivering solutions through sprint planning activities

• Okta Certified Professional, Okta Certified Administrator

Preferred Experience:

• Hands-on experience in one or more of the following areas is a plus but not required: web (JavaScript, HTML, frontend frameworks) development, middle-tier/backend (Java, C#, Node.js, Python, PHP, Ruby) development, IP-based real-time communications

• Strong knowledge with sensitive data handling such as COPPA, PCI and PII, Safe Harbor

• Familiarity with deployments and integration of IAM solutions with public cloud providers (Azure, AWS, Google Cloud)

• Okta Certified Consultant

• Professional certifications in other identity and access management platforms and products (Active Directory, Ping, SailPoint)

• CISSP/Security Certifications

Required Education:

• BS or BA degree in Information Technology, Information Security, Computer Science, or Business related field or equivalent proven work experience

Preferred Education:

• Master’s degree in Information Technology, Information Security, Computer Science, or Business related field or equivalent proven work experience

#DISNEYTECH

#LI-JP4