Our client, the Bank of Canada has a 2 year hydrid remote opportunity for a Senior Identity Management Specialist..............

Under the direction of the Assistant Director, Cyber IAM Access Control: • Design and implement identity solutions leveraging Microsoft Entra ID, including RBAC, Conditional Access Policies, and identity governance capabilities • Implement and integrate secure authentication mechanisms using OAuth2, OpenID Connect, SAML, LDAP, and Kerberos across hybrid environments • Implement and support Privileged Identity Management (PIM) and Just-in-Time (JIT) access models, ensuring leastprivilege and segregation of duties • Design and enforce multi-factor authentication strategies, including strong MFA methods and risk-based access policies • Integrate Active Directory and Cloud Identity Services (Entra ID), supporting enterprise authentication patterns • Build and integrate identity capabilities into CI/CD pipelines (Azure DevOps or equivalent), ensuring secure delivery and automation of IAM services • Develop integrations using REST APIs, Microsoft Graph, and identity provisioning patterns (SCIM or equivalent) • Implement and manage service accounts, manage identities, and certificate-based authentication patterns • Leverage Azure services (Key Vault, RBAC, Managed Identities) for secrets and identity security.

Contribute to identity patterns for machine identities and AI agent scenarios where applicable • Author technical specifications and implement secure, scalable IAM solutions aligned with enterprise architecture • Provide technical guidance to team members, conduct knowledge transfer, and collaborate with cross-functional stakeholders • Stay current with IAM trends and contribute to evolving enterprise identity strategy • Support the development and maintenance of processes and documentation

Required Qualifications & Skills: • University degree in computer science, engineering, cyber security, or related field • A minimum of seven (7) years in software engineering or DevOps • A minimum of three (3) years in Identity and Access Management • Demonstrated strong expertise in Microsoft Entra ID (Azure AD), including roles, permissions, and identity management concepts • Demonstrated hands-on experience implementing and managing Conditional Access policies • Demonstrated experience with Privileged Identity Management (PIM) and just-in-time access controls • Demonstrated experience with Identity Governance and Administration (IGA) capabilities including access lifecycle and entitlement management • Demonstrated strong understanding and implementation experience with OAuth2, OpenID Connect, SAML, LDAP, and Kerberos authentication protocols • Demonstrated experience implementing multi-factor authentication (MFA) and strong authentication methods in enterprise environments • Demonstrated strong understanding of hybrid identity architectures integrating Active Directory with cloud identity providers • Demonstrated hands-on experience with Azure services including RBAC, Managed Identities, and integration with identity platforms • Demonstrated experience with CI/CD pipelines and DevOps practices, preferably with Azure DevOps or equivalent platforms • Demonstrated experience developing and integrating REST APIs, including Microsoft Graph API • Demonstrated strong experience scripting and automation skills using PowerShell, Python, or JavaScript • Demonstrated experience implementing or managing service accounts, workload identities, or certificate-based authentication • Demonstrated understanding of modern identity security principles including Zero Trust and least privilege access models • Demonstrated ability to produce clear, well-organized, business-consumable documentation • Demonstrated strong analytical and problem-solving skills with the ability to make sound technical decisions • Demonstrated strong communication and stakeholder engagement skills in a cross-functional environment • Demonstrated ability to collaborate effectively within teams and provide technical guidance when required

Additional Qualifications The following will also be considered: • Demonstrated experience with certificate lifecycle management platforms • Demonstrated experience in public sector or large enterprise environments • Demonstrated Familiarity with identity-based access control solutions in hybrid environments