Senior IAM Engineer with SAML 2.0, OAuth 2.0, and MFA experience to support one of our major banking clients- 39667

Senior IAM Engineer with SAML 2.0, OAuth 2.0, and MFA experience to support one of our major banking clients- 39667

Location Address: Hybrid -Scaborough - 2 days in the office. Subject to change.

Contract Duration: 6 Months (Possibility of extension)

Number of Positions: 2

Schedule Hours: 9 am-5pm Monday-Friday; standard 37.5 hrs/week

Story Behind the Need

Business group:

The Global Identity & Access Management (IAM) organization defines and executes the enterprise IAM strategy, roadmap, and security control framework across Scotiabank globally. This includes Identity Lifecycle Management, centralized provisioning, access governance, privileged access management, strong authentication (MFA), Single Sign-On (SSO), and integration of IAM solutions.

The Senior IAM Engineer is responsible for solution design, integration, development, implementation, and operational support of IAM platforms, with a primary focus on Microsoft Entra ID and related authentication/authorization services.

Project: Most of the job would be working with clients to help onboard their application from VAM to Entra.

They will be enabling single sign-on for applications, like we have about 304 in the application that need to be completed. So they will be working with the clients to basically enable authentication and the single sign-on for these applications in Entra.

Candidate value preposition.

We have an inclusive and collaborative working environment that encourages creativity, curiosity, and celebrates success! You'll get to work with and learn from diverse industry leaders who have hailed from top technology companies around the world. We foster an environment of innovation and continuous learning

Daily activities:

• Own the full project lifecycle from requirements to implementation and support.

• Deliver secure, high‑quality IAM solutions on time and within budget.

• Work cross-functionally and serve as a technical leader for IAM services.

• Participate in on-call rotation for critical services.

• Conduct root cause analysis, implement fixes, and ensure platform resilience.

• Ensure compliance with enterprise standards for availability, DR, and security controls.

Must-have requirements:

• 8-9 years of hands-on experience with Microsoft Entra ID and Microsoft IAM technologies (Conditional access policies (Preferred) Graph, Azure and/or DevOps)

• 4-5 years of experience working with protocols such as SAML 2.0, OAuth 2.0, and MFA. (60-70 % of the role)

• 3+ years of experience with monitoring tools such as Splunk and Dynatrace.

Nice-To-Have Skills:

• Experience with Java, cloud, or modern web development (nice to have).

• Knowledge OIDC, LDAP

• Working knowledge of cryptography, PKI, and certificate management.

• Familiarity with identity lifecycle management and access governance.

Best VS. Average Candidate:

The best candidate is someone who knows how set up things within Entra, someone who understands the protocols. Somebody who has actually worked on onboardings of applications or a migration project similar to this one would be the best candidate. An average candidate is somebody who has not worked with ENTRA too much and is only vaguely aware of these protocols and how they work on ENTRA.

Quick tip: The majority of candidates put on their resumes years of experience with SAML but when managers try to ask what the user flow is for SAML, they won't be able to respond properly. Please probe candidates using this question.

Candidate Review & Selection

1- Video- 60 mins - architect and Entra specialist - technical questions, go through experience and role overview.

2nd round Video- 30 mins -HM - cultural fit