Division: IGM Technology
Location: Toronto or Winnipeg
IGM Financial Inc. is one of Canada’s leading diversified wealth and asset management companies with approximately $271 billion in total assets under managements. The company provides a broad range of financial planning and investment management services to help more than two million Canadians meet their financial goals. Its activities are carried out principally through IG Wealth Management and Mackenzie Investments.
Under IGM Financial’s unique business model based on leading brands and multi-channel distribution strategy, we’re IG Wealth Management. For over 90 years of business, we have grown to become one of the largest most respected companies in Canada. We are a leader in providing the best advice, experience and outcomes for our clients, personalized throughout their lifetime.
At IG Wealth Management, our vision is to inspire financial confidence.
This is your opportunity to build a career with a leading organization where you can learn, grow and thrive both professionally and personally. We are proud to be recognized as one of Canada’s Top Employers by Mediacorp Canada Inc. for empowering our employees with the tools to thrive while working remotely, while also providing resources to ensure physical and mental wellness were put front and center.
You will join a team that believes our success starts with the success of our clients, while working together as a team to realize our greatest potential. You will join a team that strives towards excellence while developing and sharing skills and knowledge. You can make a difference for our clients, the world around us and be part of a team that cares. We are dedicated to offering a hybrid work environment when applicable.
IG Wealth Management is a diverse workplace committed to doing business inclusively – this starts with having a representative workforce! We encourage applications from all qualified candidates that represent the diversity present across Canada – including racialized persons, women, Indigenous persons, persons with disabilities, 2SLGBTQIA+ community, gender diverse and neurodiverse individuals, as well as all who may contribute to the further diversification of ideas.
The Senior Specialist, IAM Operations is responsible for day-to-day operational activities providing expertise and support to the Identity and Access Management team.
This is a technical role, and the ideal candidate is passionate about delivering IAM services through operational excellence. The candidate must have a proven versatile skill set, including technical acumen and excellent learning agility with the ability to maintain, operate, support, and document enterprise-class solutions and systems based on industry-standard IAM platforms in complex environments. The Specialist will bring to bear a combination of prior strong IGA, PAM and Directory Services experience, problem-solving skills, and technical expertise in delivering operational excellence to drive business strategies to successful outcomes.
This role focuses on reviewing existing IAM processes and driving continuous improvement initiatives to ensure they are aligned to IGM’s strategic goals, security and risk standards, governance, audit, and reporting on all facets of IAM Operations. Close collaboration with the IAM Platform team will be required to support the overall delivery of IAM services to the enterprise.
This position will establish partnership and communication channels with multi-functional teams that include business users, external business customers, consultants, and cross- IS teams to deliver on key business initiatives.
Key Capabilities & Responsibilities
Drive and advance Identity management and customer experience capabilities that align with our Business and IS Strategy
Manage and operate the enterprise IAM platforms: IGA (SailPoint IdentityNow), PAM (CyberArk Privilege Cloud), Directory Services (Windows AD & Entra ID) and Secrets Management (Hashicorp Vault), including provisioning, birthright roles, entitlements, segregation of duties, authentication, authorization, human and non-human credential and role management, access certification, logging, analytics and reporting, across both internal and cloud platforms
Provide second level support to troubleshoot and remediate IAM related issues, collaborating with the IAM Platform team for third level support when required
Provide support to the first level IAM Operations team and collaborate with these team members to optimize processes and procedures
Serve as a Subject Matter Expert in the efficient management of operational functions of all IAM platforms
Provide technical and governance input to IAM projects
Be the technical liaison and escalation point between different teams
Work closely with the IAM Leadership team on operational and performance statistics for all IAM platforms to ensure reliability and availability, perform preventative maintenance, and automate routine procedures
Maintain production change control schedule and participate in change control processes
Troubleshoot problems and respond to escalations, and perform repairs as needed
Conduct routine access certifications to ensure compliance and audit with established standards, policies, and configuration guidelines
Create and maintain documentation such as operational workflows & processes, standard operating procedures, playbooks, manuals, Knowledge Articles, etc.
Independently handle operational tasks without management oversight
Collaborate closely with multiple levels of leadership as well as peers to build alignment and advance initiatives
In Scope Key Candidate Skills:
Identity Governance & Administration Platforms
SailPoint IDN (or IIQ)
Privileged Access Management, and Secrets Management
CyberArk
HashiCorp Vault
Azure AD Privileged Identity Management (PIM)
Windows Active Directory
Microsoft Entra ID
Authentication & Authorization Protocols (SAML, OAuth, OIDC)
MFA
Least Privilege RBAC and Segregation of Duties
Microsoft M365
Cloud Platform IAM (Azure, GCP, AWS)
Infrastructure as Code
Scripting (PowerShell, Python, etc)
Qualifications & Skills:
Undergraduate degree coupled with identity management experience in a large organization, preferably a financial institution.
5+ years of operational experience with SailPoint, CyberArk and/or HashiCorp Vault with strong knowledge in Zero Trust
Strong experience in Microsoft Active Directory and MS Entra ID
Knowledge of security and risk control frameworks related to cloud, including CSA, CIS, NIST, etc.
Superior problem solving and decision-making skills to resolve work issues with the ability to work under pressure in a dynamic environment
Highly self-motivated, self-directed, and attentive to detail
Strong desire and aptitude for continuous development to learn new skills and technologies
Superior collaboration, and interpersonal skills with a demonstrated ability to work effectively and build consensus in a multi-functional team environment.
Strong communication (verbal/written) and good interpersonal skills to build relationships with internal and external business partners and vendors
Ability to determine the information and communication needs of stakeholders
Deadline-driven and results-oriented; able to meet consistently high-quality standards while handling a variety of tasks and deadlines simultaneously
Strong desire to implement change and contribute to the organization
One or more industry recognized information security professional designations (e.g. CISSP, CISA, etc.) is an asset
Knowledge of the Financial Services industry is a definite asset