Sr. IAM Solutions Architect with Azure MFA and SailPoint experience to design security solutions for our Insurance client

Sr. IAM Solutions Architect with Azure MFA and SailPoint experience to design security solutions for our Insurance client

Duration: Permanent/Fulltime

Location: Hybrid (Toronto, London, Winnipeg)

Reporting to the AVP Identity & Access Management, you will be a key contributor to the evolution of how we will meet the Security service requirements of the teams we support. The IAM Senior Solutions Architect is a senior expert in the Identity & Access Management (IAM) team accountable for the overall solution design quality and persistency of alignment. This role defines and maintains the solution architecture and detailed solution design and ensures the as-built state is in alignment with the design and meets the operational requirements. The individual ensures solution architectures and designs are in alignment with enterprise and portfolio architecture directions and organizational standards. The architect leads any design documentation, continuous improvement of design and seeks guidance from Portfolio Architecture and Engineering and Operations on architecturally significant decisions. The architect may be called upon to help resolve production problems

What you will do

• Accountable for design and technical quality of the security solution measured by demonstrated attainment of service levels and number of incidents.
• Develops and maintains the security solution architecture as well as contributes security architecture inputs in other systems architecture and detailed solution design views.
• Ensures system usability is considered, both from a human factors point of view and as it impacts system engineering.
• Ensures the implemented product/solution meets the operational requirements and is in alignment with enterprise and portfolio architecture directions, and the organization’s policies and standards, or proposes and obtains variance.
• Works closely with other members of the product/project team and LOB Architecture leads to ensure a balanced solution considering all perspectives.
• Provides input to the creation of the project management deliverables, including project charter, risk assessment, vendor assessments/RFPs and project schedule.
• Develops security strategies, plans and roadmaps based on enterprise architecture practices, business, technology and threat drivers and current/emerging solutions on the market.
• Reviews security technologies, tools, and services, and makes recommendations to the broader security team for their use. Leads prototyping activities.
• Contributes to the development and selection of systems architecture practices, tools, techniques, models, patterns, and standards.
• Proactively identifies and raises requirements for new/amended IT processes, best practices, and standards.
• Takes direct ownership of the most significant technology and design issues.
• Acts as the focal point for significant infrastructure and development issues.
• Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application.
• Develop reusable standardized Solution Patterns which can be leveraged by multiple application teams adopting IAM technologies.

What you will bring

• 10+ years of multi-disciplinary security architecture experience in a large, complex organization.
• Bachelor’s or Master’s degree in Computer Science and/or Software Engineering.
• Extensive experience designing IAM technologies and services (e.g., Active Directory, Azure AD, LDAP, Azure SSO, ADFS, Azure MFA, Entrust MFA, IBM Security Verify Access, SailPoint, CyberArk, HashiCorp Vault, Customer Identity & Access Management (CIAM).
• Strong experience with data discovery & classification, data access management/governance, data security posture management (DSPM).
• Strong domain expertise along with best practices in authentication, authorization, identity lifecycle management, SSO, PAM, directory services and Identity Governance & Administration.
• Extensive knowledge of traditional security controls and technologies (e.g., SIEM, IDS/IPS, PKI, EDR, XDR, SOAR).
• Extensive knowledge of application and data security controls and technologies (e.g., OAUTH, OIDC, SAML, MTLS, DLP, RBAC, ABAC, REST).
• Experience with securing intra-company and third-party APIs, microservices and service mesh.
• Experience in cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private and hybrid cloud environments.
• Integration and complex solution design in multi-tiered architectures spanning multiple organizations and hybrid IT environments.

Nice to Have:

• ISO 27001, NIST, PCI, PIPEDA, CIS or SOC2.
• CISSP, CISM, TOGAF, GAIC, CISM, CSSLP, SABSA
• Experience in the financial services industry or in a similar complex and regulated industry.
• Experience with DevSecOps, Agile, CI/CD pipelines and secure SDLC practices.
• Experience with modern hybrid security architecture patterns.
• Knowledge and experience in additional architecture domains (e.g., Network, IT Service Management, Compute/Workloads, Storage, Desktop, Applications, Databases and Collaboration).
• Experience with securing modern data products residing in cloud (reporting platforms, analytics, and databases), model development concepts and data pipelines