- Position: IAM Engineer
- Location: Toronto, ON
- Employment Type: Full-Time / Contract
Position Overview:
- We are seeking an experienced IAM Engineer to join our team in Toronto, ON. The ideal candidate will have strong expertise in Identity and Access Management (IAM) with a focus on Microsoft Azure Entra ID (formerly Azure Active Directory). This role will be responsible for designing, implementing, and supporting secure identity solutions, authentication mechanisms, and access governance practices across enterprise environments.
- The successful candidate will work closely with cloud, security, infrastructure, and application teams to ensure secure and scalable identity services while maintaining compliance with organizational security standards.
Key Responsibilities:
- Design, implement, and manage Identity and Access Management (IAM) solutions using Azure Entra ID.
- Configure and maintain App Registrations and Service Principals for enterprise applications and services.
- Implement and manage Role-Based Access Control (RBAC) to enforce least-privilege access principles.
- Configure and support authentication and authorization protocols, including OAuth 2.0, OpenID Connect (OIDC), and SAML.
- Implement and manage Multi-Factor Authentication (MFA) solutions to enhance security.
- Collaborate with application teams to integrate secure authentication and authorization mechanisms.
- Support identity lifecycle management, access reviews, and governance initiatives.
- Troubleshoot and resolve authentication, authorization, and access-related issues.
- Participate in security reviews, audits, and compliance activities related to IAM.
- Document IAM configurations, standards, procedures, and best practices.
- Work closely with cloud, infrastructure, and security teams to support enterprise identity solutions.
Required Skills & Experience:
- Strong hands-on experience with Azure Entra ID (Azure Active Directory).
- Experience configuring and managing App Registrations and Service Principals.
- Solid understanding of Role-Based Access Control (RBAC) concepts and implementation.
- Hands-on experience with authentication and federation technologies, including:
- OAuth 2.0
- OpenID Connect (OIDC)
- SAML
- Experience implementing and managing Multi-Factor Authentication (MFA) solutions.
- Understanding of identity security best practices and access governance.
- Strong troubleshooting and problem-solving skills.
- Excellent communication and collaboration skills.
Preferred Qualifications:
- Exposure to Google Cloud Platform (GCP) IAM.
- Experience with HashiCorp Vault for secrets management.
- Experience with Terraform and Infrastructure as Code (IaC).
- Experience working in cloud and hybrid-cloud environments.
- Familiarity with security frameworks and compliance requirements.
Pay: $100,000.00-$130,000.00 per year
Experience:
- Identity & Access Management (IAM): 7 years (preferred)
- Azure Entra ID: 7 years (preferred)
- RBAC: 7 years (preferred)
- OAuth/OIDC/SAML: 7 years (preferred)
- Multi-Factor Authentication (MFA): 7 years (preferred)
- GCP IAM: 4 years (preferred)
- Terraform: 4 years (preferred)
- HashiCorp Vault: 4 years (preferred)
Work Location: Hybrid remote in Toronto, ON (Toronto District)
