Career Opportunities: Senior Security Platform Specialist (IAM) (13359)

Division: IGM Technology & Data Location: Winnipeg   IGM Financial Inc. is one of Canada's leading diversified wealth and asset management companies with approximately $271 billion in total assets under managements.  The company provides a broad range of financial planning and investment management services to help more than two million Canadians meet their financial goals.  Its activities are carried out principally through IG Wealth Management, Mackenzie Investments and Investment Planning Counsel.      Under IGM Financial's unique business model based on leading brands and multi-channel distribution strategy, we’re IG Wealth Management. For over 90 years of business, we have grown to become one of the largest most respected companies in Canada. We are a leader in providing the best advice, experience and outcomes for our clients, personalized throughout their lifetime.     At IG Wealth Management, our vision is to inspire financial confidence.    This is your opportunity to build a career with a leading organization where you can learn, grow and thrive both professionally and personally. We are proud to be recognized as one of Canada’s Top Employers by Mediacorp Canada Inc. for empowering our employees with the tools to thrive while working remotely, while also providing resources to ensure physical and mental wellness were put front and center.     You will join a team that believes our success starts with the success of our clients, while working together as a team to realize our greatest potential.  You will join a team that strives towards excellence while developing and sharing skills and knowledge. You can make a difference for our clients, the world around us and be part of a team that cares. We are dedicated to offering a hybrid work environment when applicable.    IG Wealth Management is a diverse workplace committed to doing business inclusively - this starts with having a representative workforce! We encourage applications from all qualified candidates that represent the diversity present across Canada – including racialized persons, women, Indigenous persons, persons with disabilities, 2SLGBTQIA+ community, gender diverse and neurodiverse individuals, as well as all who may contribute to the further diversification of ideas.     Role & Responsibility The Senior Security Platform Specialist (IAM Architecture) is a member of the Identity and Access Management (IAM) team responsible for designing, operating and maintaining Identity Management, Secrets Management and Privileged Access Management (PAM) platforms for the enterprise. The Senior Security Platform Specialist (IAM Architecture) will work with project teams to architect secure IAM and PAM solutions destined for multi-cloud and on-prem environments. Working with business, security, and other technical team members, the Senior Security Platform Specialist (IAM Architecture) will be responsible in technical security architectural requirements, design, and delivery of the SailPoint IdentityNow, Active Directory, Secrets Management and Privileged Access Management platforms. This role will lead the development of toolsets that brings centralization, security, and timely access to resources and will work closely with IAM Engineering, Operations and DevOps team members.  The role is also expected to do hands on development/configuration work. This is a deep technical, delivery and leadership-oriented role, and provides a unique opportunity to work closely with numerous business and functional areas across IGM.   Key Capabilities & Responsibilities Define strategic security architectures across hybrid technology stacks and cloud hosted IAM, PAM and Secrets Management platforms. Act as an SME in IAM and PAM platforms on evaluating, designing, and testing solutions and technologies, aligned with the enterprise security platforms, including SailPoint IdentityNow, CyberArk PAM, HashiCorp Vault for Secrets Management, Microsoft Active Directory and Azure Active Directory Deliver architectures and designs in both agile and iterative waterfall project delivery models, and propose and implement enhancements to improve the viability of the solutions to meet program timelines, budget, and quality measurements. Author patterns to drive reuse of IAM, PAM and Secrets Management solutions across IGM Liaise with cloud, integration, data, digital, security and infrastructure architecture, development, and engineering teams to ensure that all solution architecture views are defined and elaborated Develop documentation, architectural, design and workflow diagrams, and test scripts Review solutions to ensure new and existing applications are implemented to the standards utilizing the RBAC and Zero Trust Security Frameworks Proactively identify security technology reuse goals and opportunities Direct the research and evaluation of emerging IAM and PAM technologies, industry, and market trends; and ensure recommendations are based on business relevance, current standards and best practices, appropriate timing, and deployment Identify potential risks of projects, document and address those risks and work with other teams to resolve issues In Scope Key Candidate Skills SailPoint IdentityNow CyberArk Privileged Access Management HashiCorp Vault Windows Active Directory Entra ID Authentication & Authorization Protocols (SAML, OAuth, OIDC) Azure AD Privileged Identity Management (PIM) NIST CSF Frameworks Cloud Platform IAM (Azure, GCP, AWS) PowerShell Qualifications A University degree plus at least 5 years' experience with IAM and PAM architectures and security Extensive knowledge and experience of IAM and PAM-related security capabilities (i.e. provisioning, birthright roles, entitlements, segregation of duties, authentication, authorization, human and non-human credential and role management, access certification, logging, analytics and reporting, privileged access management, etc.) and their realization across workforce and customer populations 5+ years of hands-on working experience in the participation of design and engineering of enterprise scale SailPoint IdentityNow and CyberArk PAM solutions 5+ years’ experience with Microsoft Windows AD, Entra ID, and LDAP 5+ years’ experience with SailPoint and Java, JavaScript, JSON, XML, SQL, Python One or more IAM and PAM certifications (SailPoint Certified IdentityIQ Architect and/or SailPoint Certified IdentityNow Engineer, CyberArk Sentry and/or Guardian) One or more industry recognized information security professional designations (e.g. CISSP, CISA, etc.) is an asset Superior problem solving and decision-making skills to resolve work issues with the ability to work under pressure in a dynamic environment Highly self-motivated, self-directed, and attentive to detail Excellent documentation and diagraming skills with diligent attention to detail, providing clarity of architecture and design for Engineering and Operations teams Strategic thinker with strong organizational, project management and time management capabilities Strong communication (verbal/written) and good interpersonal skills to build relationships with internal and external business partners and vendors Knowledge of Financial Services industry   Please visit our career page by clicking on the following link: https://www.ig.ca/en/careers    We thank all applicants for their interest in IG Wealth Management; however only those candidates selected for an interview will be contacted.     IG Wealth Management is an accessible employer committed to providing a barrier free recruitment experience. If you require an accommodation or this information in an alternate format at any stage of the recruitment process, please reach out to the Talent Acquisition team who will work with yo