- Define strategic security architectures across hybrid technology stacks and cloud hosted IAM, PAM and Secrets Management platforms
- Act as an SME in IAM and PAM platforms on evaluating, designing, and testing solutions and technologies, aligned with the enterprise security platforms, including SailPoint IdentityNow, CyberArk PAM, HashiCorp Vault for Secrets Management, Microsoft Active Directory and Azure Active Directory
- Define solutions realizing workforce and customer IAM capabilities, develop and evolve solution architectures and designs, demonstrate solutions meet stakeholders' requirements, and obtain approval on the architectures and designs at the architecture review board
- Deliver architectures and designs in both agile and iterative waterfall project delivery models, and propose and implement enhancements to improve the viability of the solutions to meet program timelines, budget, and quality measurements
- Author patterns to drive reuse of IAM, PAM and Secrets Management solutions across IGM
- Be an authoritative and trusted partner with deep, practical experience in workforce and customer IAM, Secrets Management, PAM and solution architecture best practices to various business and functional areas across IGM, as well as to various risk management and governance functions
- Liaise with cloud, integration, data, digital, security and infrastructure architecture, development, and engineering teams to ensure that all solution architecture views are defined and elaborated
- Develop documentation, architectural, design and workflow diagrams, and test scripts
- Identify and communicate high-level gaps and issues in primary functional areas
- Review solutions to ensure new and existing applications are implemented to the standards utilizing the RBAC and Zero Trust Security Frameworks
- Proactively identify security technology reuse goals and opportunities
- Direct the research and evaluation of emerging IAM and PAM technologies, industry, and market trends; and ensure recommendations are based on business relevance, current standards and best practices, appropriate timing, and deployment
- Identify potential risks of projects, document and address those risks and work with other teams to resolve issues
- Must have hands-on experience designing and deploying large-scale enterprise Identity Governance & Administration solutions, including Identity Management (Provisioning, Enrolment, De-provisioning), Access Management, Authentication, Authorization, Role Based Access Control (RBAC), Identity Governance (Attestation, Re-certification, Reconciliation), Identity Federation, Single Sign-On (Desktop SSO, Web SSO, eSSO), Privileged Access/User Management (PAM/PUM), Security and IAM management for cloud based solutions, including IaaS, PaaS, SaaS and IDaaS, Social Login, Identity Analytics, Identity Trust Frameworks
- Must have hands-on experience to install, configure, test, maintain and troubleshoot Identity, Access, Governance and Audit Management platforms, e.g. SailPoint IIQ IdentityNow, Azure Active Directory, Windows Active Directory, CyberArk
- Strong architecture experience with Privileged Access Management Solutions (CyberArk, etc.)
- Strong knowledge of Directory Services – Active Directory and Azure Active Directory
- Subject matter expert in the following IAM Technologies: LDAP, SAML, OAuth, OpenID Connect (OIDC), XAML, NAPPS, WS-Fed, FIDO, UMA, SCIM, IWA, etc.
- Hands-on experience in designing and implementing integrations with ServiceNow and end-to-end workflow automation for full circle fulfillment
- Governance, planning, and delivery of enterprise-level IAM program based on zero-trust (Identity, access, privileged access, SSO federation, cloud, MFA)
- Experience in implementing security hardening in cloud-based systems, endpoint, and cloud infrastructure
- Design of SIEM use cases and playbooks and detection and response plans as it relates to IAM
- Maintain security, backup, and redundancy strategies for IAM platforms
- Document standard operating procedures and protocols
- Lead in the creation and updates of technical project documentation (i.e. technical and configuration runbook, implementation plan, etc.)
- Experience in leading the team in supporting Level 2, 3 and/or 4 escalation for production incidents
- Greenfield Identity & Access Management Platforms
- SailPoint IdentityNow
- CyberArk Privileged Access Management
- HashiCorp Vault
- Windows Active Directory
- Azure Active Directory
- Authentication & Authorization Protocols (SAML, OAuth, OIDC)
- Azure AD Privileged Identity Management (PIM)
- Zero-Trust and NIST Identity Frameworks
- Multi-Factor Authentication
- Least Privilege RBAC and Segregation of Duties
- Microsoft M365
- Cloud Platform IAM (Azure, GCP, AWS)
- Infrastructure as Code
- PowerShell
- A University degree plus at least 5 years' experience with IAM and PAM architectures and security
- Extensive knowledge and experience of IAM and PAM-related security capabilities (i.e. provisioning, birthright roles, entitlements, segregation of duties, authentication, authorization, human and non-human credential and role management, access certification, logging, analytics and reporting, privileged access management, etc.) and their realization across workforce and customer populations
- 5+ years of hands-on working experience in the participation of design and engineering of enterprise scale SailPoint IdentityNow and CyberArk PAM solutions
- Diverse solutioning experience in a variety of environments, platforms, and channels, including multi-cloud, SaaS, on-prem, off-prem, mainframe, web, mobile, call centre, public clients, etc.
- Hands-on experience in using a variety of protocols and standards in solutions, including SAML, OAuth, OIDC, XACML, SCIM, FIDO2, Human Workflow with ServiceNow, NIST 800-63, NIST Zero Trust Framework, etc.
- 5+ years' experience with Microsoft Windows AD, Azure AD, and LDAP
- 5+ years' experience with SailPoint and Java, JavaScript, Beanshell, JSON, XML, RPC, SQL, Python and REST development
- One or more IAM and PAM certifications (SailPoint Certified IdentityIQ Architect and/or SailPoint Certified IdentityNow Engineer, CyberArk Sentry and/or Guardian)
- One or more industry recognized architecture professional designations (e.g. TOGAF, SABSA, etc.) is an asset
- One or more industry recognized information security professional designations (e.g. CISSP, CISA, etc.) is an asset
- Experience in Digital Applications, Salesforce Financial Services Cloud, Azure, GCP cloud services platforms is an asset
- Superior problem solving and decision-making skills to resolve work issues with the ability to work under pressure in a dynamic environment
- Highly self-motivated, self-directed, and attentive to detail
- Excellent documentation and diagraming skills with diligent attention to detail, providing clarity of architecture and design for Engineering and Operations teams
- Superior leadership, collaboration, and interpersonal skills with a demonstrated ability to work effectively and build consensus in a multi-functional team environment
- Strategic thinker with strong organizational, project management and time management capabilities
- Deadline-driven and results-oriented; able to meet consistently high-quality standards while handling a variety of tasks and deadlines simultaneously
- Strong communication (verbal/written) and good interpersonal skills to build relationships with internal and external business partners and vendors
- Strong desire to implement change and contribute to the organization
- Knowledge of Financial Services industry
-
Senior Security Platform Specialist
1 week ago
IGM Financial Manitoba, CanadaCareer Opportunities: Senior Security Platform Specialist (IAM · Requisition ID 12695 - Posted - Location (1) - Canada - Province of Job Posting (1) - Career Site (2) · IGM Financial Inc. is one of Canada's leading diversified wealth and asset management companies with approx ...
-
Security Analyst
1 week ago
IGM Financial Manitoba, CanadaSenior Security Platform Specialist (IAM · Requisition ID Posted - Location (1) - Canada - Province of Job Posting (1) - Career Site (2) · IGM Financial Inc. is one of Canada's leading diversified wealth and asset management companies with approximately $271 billion in total as ...
-
Planning Coordinator Intern
1 week ago
IGM Financial Manitoba, CanadaRequisition ID Posted - Location (2) - Canada - Province of Job Posting (2) - Career Site (2) · Division: IGM Client Services Operations · IGM Financial Inc. is one of Canada's leading diversified wealth and asset management companies with approximately $271 billion in total as ...
-
Coordinator, Wealth Operations
1 week ago
IGM Financial Manitoba, CanadaCareer Opportunities: Coordinator, Wealth Operations · Requisition ID 12882 - Posted - Location (2) - Canada - Province of Job Posting (2) - Career Site (2) · Division: IGM Client Services Operations · IGM Financial Inc. is one of Canada's leading diversified wealth and ass ...
-
Estate Associate
1 week ago
IGM Financial Manitoba, CanadaRequisition ID 12895 - Posted - Location (1) - Canada - Province of Job Posting (1) - Career Site (2) · Division: IGM Client Services Operations · Location: Winnipeg · IGM Financial Inc. is one of Canada's leading diversified wealth and asset management companies with approx ...
-
Stewardship Administrator
3 days ago
Canards Illimités Canada Manitoba, Canada Full time 35Position Details: Full-time, Permanent · Salary Range: Starting salary will be $44,500, based on a 35-hour work week. Salary for this position will be commensurate with the successful applicant's education and/or experience as it relates to the position. · Location: Flexible l ...
-
Manager Insurance Contracting
2 days ago
IG Wealth Management Manitoba, CanadaPOSITION SUMMARY · The Manager, Contracting & Transfers, is responsible for all National Account Insurance contracting and transfer activities including the management of business processes related to insurance business transfers and coordination of transfer payments. In additio ...
Senior Security Platform Specialist - Manitoba, Canada - IG Wealth Management
Description
Responsibilities
Implementation Experience
In Scope Key Candidate Skills
Qualifications
