We are seeking a highly accomplished SAP Identity Management/Provisioning Specialist for an enterprise-level contract opportunity based in Toronto. In this role, you will take on a premier technical capacity within the cybersecurity governance and SAP security streams, specializing in the design, construction, optimization, and lifecycle administration of enterprise access management architectures.
...
As a principal identity authority, you will bridge the gap between abstract compliance mandates and low-level system authorization profiles. Operating within a structured hybrid framework, you will provide critical technical leadership to ensure secure user provisioning, optimize access workflows, and maintain robust governance matrices across an array of cloud and on-premise environments. This role demands an expert who can confidently triage complex user access tickets, configure automated identity conduits, and harden security infrastructures against evolving audit criteria.
Location: Toronto, ON
Assignment Type: Hybrid (Minimum 3 days per week onsite)
Contract Duration: 6 months (with a 6-month optional extension)
Schedule: 7 hours per day, 5 days per week during standard business hours
Advantages
Pure Specialization Scope: Exercise deep operational control over identity provisioning, access controls, and advanced system security without broad administrative overhead.
Modern Cloud Integrations: Gain extensive technical exposure configuring advanced cloud structures including BTP environments, SaaS directory mapping, and microservice integration pipelines.
Automated Architecture Delivery: Lead the high-visibility configuration of cross-platform automations, connecting service management platforms directly with governance engines.
Strategic Security Autonomy: Drive critical role updates, optimize global rulesets, and shape technical remediations for enterprise-level risk reviews.
Responsibilities
Access Provisioning & Operations Support
Triage, troubleshoot, and resolve complex application access tickets submitted by end-users across distributed multi-tier environments.
Lead user and role provisioning activities, adjusting access profiles based on functional enhancement paths and technical specifications.
Execute regular role update assessments, providing actionable recommendations to promote, align, or optimize authorization configurations at the organizational unit level.
Provide active tier-3 technical diagnostics during software troubleshooting, user acceptance testing (UAT), and system integration testing loops.
Author and update highly organized security operating logs, role catalogs, comprehensive business mapping documentation, and system setup journals.
Governance, Risk Compliance & Audit
Review, maintain, and modernize system governance mechanisms to enforce strict security baselines.
Update governance parameters and access rulesets based on new or evolving segregation of duties (SoD) internal control demands.
Perform comprehensive financial segregation of duties analysis, identify authorization vulnerabilities, and design automated compliance tracking models.
Respond directly to internal and external audit observations, driving rapid compliance gap remediation and aligning changes with institutional change control parameters.
System Integration & Identity Management
Design, build, and configure secure interfaces connecting diverse application landscapes with central identity governance suites.
Configure automated provisioning workflows, decision matrices, dynamic access request validation, and approval rules within access governance platforms.
Enable secure single sign-on (SSO) authentication mechanics across the enterprise infrastructure utilizing modern identity assertions.
Partner with cross-functional integration engineering squads to implement automated request flows linking core service management tools with access databases.
Deliver polished knowledge transfer summaries, training guides, and documentation to ensure seamless operational handoffs to long-term support teams.
Qualifications
Core Technical & SAP Security Experience
Professional Security Tenure: A minimum of 10+ years of progressive, hands-on experience delivering complex software tracks within large public sector jurisdictions or private organizations.
ERP Deployment Depth: Extensive experience delivering at least two (2) end-to-end implementations of modern enterprise resource planning architectures.
Functional Module Familiarity: Comprehensive understanding of core structural modules, with practical expertise across areas such as Finance, Controlling, Asset Accounting, Production Planning, Logistics, Funds Management, Materials Management, or unified Business Planning platforms.
Access Control & Workflows: Strong hands-on experience configuring access control suites (such as version 12.0 utilities including ARM, EAM, and ARA), managing financial segregation of duties (SoD) rulesets, and building multi-stage workflow tables.
Identity Management Mastery: Proven technical background designing and maintaining secure directories, cloud identity services, containerized authorization objects, and platform security integrations.
Security Tooling Fluency: High proficiency navigating primary maintenance and administration tools, including profile generators, user authorizations, system traces, and analytical ledger reports.
Authentication Standards: Advanced knowledge of Single Sign-On (SSO) frameworks and federated, token-based authentication protocols.
Certifications & Methodologies
Professional Industry Credentials: Active professional validation in system security, compliance, or identity management is highly preferred, holding at least one of the following:
Certified Technology Associate – System Security
Specialized Access Control / Governance Certification
Identity Management / Cloud Identity Certification
CISSP or CISA designations are considered exceptional technical assets.
Testing Methodology Acumen: Robust understanding of software test methodologies to effectively plan, document, and execute verification test scripts.
Office Tooling Proficiency: High proficiency manipulating standard project software, including document managers, data tables (Excel), presentation applications, and tracking tools (MS Project).
Leadership & Soft Skills
Consultative Articulation: Outstanding verbal and written communication skills, with polished ease when conveying complex security defects, design decisions, and log analytics across all levels of the organization.
Analytical Problem Solving: Superior critical thinking and diagnostic capabilities to work independently with minimal supervision, planning and executing intricate system tasks under tight timelines.
Collaborative Team player: A detail-oriented professional who operates fluidly inside multi-disciplinary environments to facilitate effective stakeholder knowledge transfer.
Summary
If you're interested in the SAP Identity Management/Provisioning Specialist role based in Toronto, we encourage you to apply online at www.randstad.ca. Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more
We are seeking a highly accomplished SAP Identity Management/Provisioning Specialist for an enterprise-level contract opportunity based in Toronto. In this role, you will take on a premier technical capacity within the cybersecurity governance and SAP security streams, specializing in the design, construction, optimization, and lifecycle administration of enterprise access management architectures.
As a principal identity authority, you will bridge the gap between abstract compliance mandates and low-level system authorization profiles. Operating within a structured hybrid framework, you will provide critical technical leadership to ensure secure user provisioning, optimize access workflows, and maintain robust governance matrices across an array of cloud and on-premise environments. This role demands an expert who can confidently triage complex user access tickets, configure automated identity conduits, and harden security infrastructures against evolving audit criteria.
Location: Toronto, ON
Assignment Type: Hybrid (Minimum 3 days per week onsite)
Contract Duration: 6 months (with a 6-month optional extension)
...
Schedule: 7 hours per day, 5 days per week during standard business hours
Advantages
Pure Specialization Scope: Exercise deep operational control over identity provisioning, access controls, and advanced system security without broad administrative overhead.
Modern Cloud Integrations: Gain extensive technical exposure configuring advanced cloud structures including BTP environments, SaaS directory mapping, and microservice integration pipelines.
Automated Architecture Delivery: Lead the high-visibility configuration of cross-platform automations, connecting service management platforms directly with governance engines.
Strategic Security Autonomy: Drive critical role updates, optimize global rulesets, and shape technical remediations for enterprise-level risk reviews.
Responsibilities
Access Provisioning & Operations Support
Triage, troubleshoot, and resolve complex application access tickets submitted by end-users across distributed multi-tier environments.
Lead user and role provisioning activities, adjusting access profiles based on functional enhancement paths and technical specifications.
Execute regular role update assessments, providing actionable recommendations to promote, align, or optimize authorization configurations at the organizational unit level.
Provide active tier-3 technical diagnostics during software troubleshooting, user acceptance testing (UAT), and system integration testing loops.
Author and update highly organized security operating logs, role catalogs, comprehensive business mapping documentation, and system setup journals.
Governance, Risk Compliance & Audit
Review, maintain, and modernize system governance mechanisms to enforce strict security baselines.
Update governance parameters and access rulesets based on new or evolving segregation of duties (SoD) internal control demands.
Perform comprehensive financial segregation of duties analysis, identify authorization vulnerabilities, and design automated compliance tracking models.
Respond directly to internal and external audit observations, driving rapid compliance gap remediation and aligning changes with institutional change control parameters.
System Integration & Identity Management
Design, build, and configure secure interfaces connecting diverse application landscapes with central identity governance suites.
Configure automated provisioning workflows, decision matrices, dynamic access request validation, and approval rules within access governance platforms.
Enable secure single sign-on (SSO) authentication mechanics across the enterprise infrastructure utilizing modern identity assertions.
Partner with cross-functional integration engineering squads to implement automated request flows linking core service management tools with access databases.
Deliver polished knowledge transfer summaries, training guides, and documentation to ensure seamless operational handoffs to long-term support teams.
Qualifications
Core Technical & SAP Security Experience
Professional Security Tenure: A minimum of 10+ years of progressive, hands-on experience delivering complex software tracks within large public sector jurisdictions or private organizations.
ERP Deployment Depth: Extensive experience delivering at least two (2) end-to-end implementations of modern enterprise resource planning architectures.
Functional Module Familiarity: Comprehensive understanding of core structural modules, with practical expertise across areas such as Finance, Controlling, Asset Accounting, Production Planning, Logistics, Funds Management, Materials Management, or unified Business Planning platforms.
Access Control & Workflows: Strong hands-on experience configuring access control suites (such as version 12.0 utilities including ARM, EAM, and ARA), managing financial segregation of duties (SoD) rulesets, and building multi-stage workflow tables.
Identity Management Mastery: Proven technical background designing and maintaining secure directories, cloud identity services, containerized authorization objects, and platform security integrations.
Security Tooling Fluency: High proficiency navigating primary maintenance and administration tools, including profile generators, user authorizations, system traces, and analytical ledger reports.
Authentication Standards: Advanced knowledge of Single Sign-On (SSO) frameworks and federated, token-based authentication protocols.
Certifications & Methodologies
Professional Industry Credentials: Active professional validation in system security, compliance, or identity management is highly preferred, holding at least one of the following:
Certified Technology Associate – System Security
Specialized Access Control / Governance Certification
Identity Management / Cloud Identity Certification
CISSP or CISA designations are considered exceptional technical assets.
Testing Methodology Acumen: Robust understanding of software test methodologies to effectively plan, document, and execute verification test scripts.
Office Tooling Proficiency: High proficiency manipulating standard project software, including document managers, data tables (Excel), presentation applications, and tracking tools (MS Project).
Leadership & Soft Skills
Consultative Articulation: Outstanding verbal and written communication skills, with polished ease when conveying complex security defects, design decisions, and log analytics across all levels of the organization.
Analytical Problem Solving: Superior critical thinking and diagnostic capabilities to work independently with minimal supervision, planning and executing intricate system tasks under tight timelines.
Collaborative Team player: A detail-oriented professional who operates fluidly inside multi-disciplinary environments to facilitate effective stakeholder knowledge transfer.
Summary
If you're interested in the SAP Identity Management/Provisioning Specialist role based in Toronto, we encourage you to apply online at www.randstad.ca. Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
This posting is for existing and upcoming vacancies.
show more