IAM Engineer

This position will report to the Senior Manager, Identity and Access Management.

What you’ll do


In this role, you will be responsible for selection, design, implementation and enhancement of new IAM (IGA and CIAM) solutions and driving the subsequent deployment phases of the existing PAM solution across additional platforms. You will review, create and enhance operational and support processes and provide third level support for these solutions.

In addition, you will work with the Access Management team to review, update and align Aviva access provisioning processes with industry best practices in preparation for implementation of these IAM solutions.

What you’ll bring

University degree in Computer Science or Computer Engineering or Information Technology
At least 5 years of Information Security experience with a focus on IAM projects
Hands on experience in the selection, implementation, application onboarding and support in one or more of the following IGA tools such as SailPoint, Saviynt, ForgeRock, etc is a must.
Hands on experience in the selection, implementation, and support in one or more of the following CIAM tools such as OKTA, Ping Identity, ForgeRock, etc is a must.
Hands on experience in the implementation, support of a PAM solution (Beyond Trust and CyberArk) across multiple platforms (OS, network, database, virtualization, etc.) and multiple account types (personal, shared, service, etc.).
Experience in designing, updating, and implementing industry best practices for Joiner/Mover/Leaver (JML) processes used in Active Directory, Windows, Unix/Linux, Mainframe and Cloud based environments (Microsoft Azure, AWS).
Solid grasp of Active Directory structure including Organizational Units, Groups, Access Rights, User Accounts, Objects, rights delegation, and GPO policies.
Strong technical ability to design, build and support a dedicated LAB environment for IAM related solutions.
Experience in scripting automation and integration work using Unix scripting, PowerShell, Java and Ansible Tower.
Experience in working with multiple database types (MS SQL, DB2, Oracle, etc.)
Ability to effectively employ critical thinking and analysis to determine project scope, prioritization of work, work effort and timelines for the projects.
Able to multi-task on multiple projects and tasks with contending priorities in a fast-paced environment.
Ability to dynamically balance work effort for new projects and activities and assist other team members in order meet team objectives.
Strong verbal and written communication, interpersonal and collaborative skills – interacting with both internal and external clients and vendors from both technical and non-technical perspectives.
A curiosity about digital/cybersecurity – the desire and openness to upskill as required to stay pace with the current cyber threat landscape.
What you'll get

Join a great company and culture, and a phenomenal team!
Competitive rewards package
Comprehensive benefits package, including Medical/Dental, personal wellness, defined contribution pension plan, share matching plan
Annual performance related bonus and pay review
Exceptional career development opportunities
Vacation allowance of 20 days plus statutory holidays, personal floater day, the option to buy/sell up to 5 additional vacation days and time off for volunteer opportunities
Discounts on many Aviva products through the Employee Purchase Program plus discounts for Friends and Family (some exclusions apply)
We will support your professional development

Advantages
Join a great company and culture, and a phenomenal team!
Competitive rewards package
Comprehensive benefits package, including Medical/Dental, personal wellness, defined contribution pension plan, share matching plan
Annual performance related bonus and pay review
Exceptional career development opportunities
Vacation allowance of 20 days plus statutory holidays, personal floater day, the option to buy/sell up to 5 additional vacation days and time off for volunteer opportunities
Discounts on many Aviva products through the Employee Purchase Program plus discounts for Friends and Family (some exclusions apply)
We will support your professional development

Responsibilities
In this role, you will be responsible for selection, design, implementation and enhancement of new IAM (IGA and CIAM) solutions and driving the subsequent deployment phases of the existing PAM solution across additional platforms. You will review, create and enhance operational and support processes and provide third level support for these solutions.

In addition, you will work with the Access Management team to review, update and align Aviva access provisioning processes with industry best practices in preparation for implementation of these IAM solutions.

Qualifications
What you’ll bring
•Bachelor's degree in Computer Science or Computer Engineering (preferred but not required) or equivalent experience
•At least 10 years of experience in Information Security (IAM space preferred)
•7-10 years of experience in the selection, architecting and engineering in one or more of the following IGA tools : Sailpoint, Saviynt, ForgeRock, etc.
•Strong applications’ on-boarding experience in IGA tool
•7-10 years of experience in the selection, architecting and engineering in one or more of the following CIAM tools (including MFA) : OKTA, Ping Identity, ForgeRock, etc.
•5-10 years of experience in the implementation of a PAM solution (Beyond Trust and/or CyberArk) across multiple platforms (OS, network, database, virtualization, etc.) and multiple account types (personal, shared, service, etc.).
•Experience with programming or scripting languages (e.g. Java, BeanShell, shell scripts, XML programming etc.)
•Experience in designing, updating, and implementing industry best practices for Joiner/Mover/Leaver (JML) processes used in Active Directory, Windows, Unix/Linux, Mainframe and Cloud based environments (Microsoft Azure, AWS).
•Solid grasp of Active Directory structure including Organizational Units, Groups, Access Rights, User Accounts, Objects, rights delegation, and GPO policies.
•Experience in integrating standalone Linux servers into Active Directory.
•Strong technical ability to design, build and support a dedicated LAB/DEV environment for IAM related solutions.
•Ability to effectively employ critical thinking and analysis to determine project scope, prioritization of work, work effort and timelines for the projects.
•Able to multi-task on multiple projects and tasks with contending priorities in a fast-paced environment.
•Strong verbal and written communication, interpersonal and collaborative skills – interacting with both internal and external clients and vendors from both technical and non-technical perspectives.
•Proven ability to craft detailed, technical documentation for the project deliverables
•Experience in accommodating cross-training / job shadowing for internal IAM resources
•Relevant Security Certifications (CISSP, CSSP, CISA, CISM, CGEIT, CRISC, CIAM, Sailpoint Identity Now Engineer, Sailpoint IIQ Engineer, Saviynt Engineer, CyberArk, OKTA etc.)

Summary
The Identity and access Management (IAM) team is looking for someone with experience in requirements gathering, selecting, and designing security solutions and driving the implementation of these security solutions in the IAM space. The ideal candidate will possess a broad knowledge and very strong technical hands-on experience with IAM solutions including Identity Governance and Administration (IGA), Customer Identity and Access Management (CIAM) and Privileged Access Management (PAM) solutions.

This position will report to the Senior Manager, Identity and Access Management.

Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.

Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.