About the Role:
The Identity and Access Management (IAM) Engineer will serve as a technical expert responsible for implementing application and enterprise platforms within the authentication and identity lifecycle space. The ideal candidate will be able to help design, implement, monitor, and maintain world-class Identity and Access Management solutions. In this role, the ideal candidate will manage standards for the organization's overall identity management application integration, middleware interfaces and architecture; lead the collection of business requirements and the design and development of IAM solutions; partner with other IAM architects and initiatives; coordinate communications with internal and external teams; and participate in business process evaluation and improvement activities, requirements gathering, system analysis, system design, software and hardware applicability studies and system implementation, executing projects based on these activities.
You’re passionate about understanding or discovering security vulnerabilities and aspire to be the “Trusted Advisor.” You know all about identifying, providing and validating security requirements of IT solutions, and you’ve done this in a consulting environment. You’re a skilled communicator who can effectively articulate cyber security risks to technical and non-technical audiences.
You probably have a bachelor’s degree in a technical discipline (such as Computer Science, Engineering, Applied Mathematics, etc.) or equivalent experience.
Your skills and experience include:
• Methods and tools for identifying risks and security threats
• Knowledge of information security standards (OSFI, ISO, NIST, PCI, PIPEDA, GDPR etc.)
• Proficiency in operating systems, database platforms, web technologies, firewalls and programming languages
• Excellent communication skills in written and oral English
• Giving effective advice in large-scale technology projects while working at all levels - with clients and your team.
• Strong technical skills to design and implement IAM security services, with hands-on experience with several of the items outlined below:
• Managing identity and access on-premises with Active Directory
• Managing identity and access in the Microsoft Cloud, Amazon Web Services or Google Cloud Platform
• Secure Hybrid environments (AD Connect and authentication)
• Azure AD self-service password reset, Azure AD access reviews
• Azure AD App Registration
• Azure AD Directory roles
• Authentication Methods (sign-on security, multi-factor authentication (MFA), device sign-on methods, Azure Seamless SSO, ADFS, ADFS Proxy, PHS and PTA)
• Azure AD Conditional Access (Compliance and conditional access policies, device compliance policy, conditional access policy)
• Role-based access control (RBAC)
• Azure AD Privileged Identity Management (PIM)
• Azure AD Identity Protection (User risk policy and sign-in risk policy)
• Azure ATP (planning and implementing threat protection)
• Advanced knowledge designing, supporting, and upgrading Active Directory environments (Authentication, Authorization, Group Policy Objects, LDAP, PKI, DNS, ADFS, MIM/PAM, LAPS, etc.)
• Experience with domain migrations and consolidations: Merger and Acquisition projects (M&A)
• An understanding of the interdependencies in migration projects (user, workstation, application, network, directory, cloud).
• Knowledge of Red Forest (Enhanced Security Administrative Environment)
• Identity Lifecycle Management
• Knowledge of SAML, OpenID Connect, OAuth, JSON, SPML, SCIM, XACML integration standards.
• Understanding of REST and SOA fundamentals and design.
• Good to have experience with the following Identity and Access Management products: Sailpoint IdentityIQ, CyberArk, ForgeRock, Ping, Okta and Saviynt
One or more of the following:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Cloud Security Professional (CCSP)
• GIAC Certified
• MCSE Core Infrastructure
• Microsoft Azure Security Technologies (Exam AZ-500)
• Microsoft Azure Administrator (AZ-103 / AZ-104)
• Microsoft 365 Identity and Services (MS-100)