Senior Security Analyst with experience managing Users and Groups in on-prem Microsoft Active Directory and LDAP - 39058

Senior Security Analyst with experience managing Users and Groups in on-prem Microsoft Active Directory and LDAP - 39058

Location Address: Hybrid (two days in the office with potential increase in the future) - Scarborough

Contract Duration: 9 months (High Chance of Extension)

Scheduled Hours: Monday to Friday, 8:30am-5pm

Story Behind the Need:

The Identity Lifecycle Management team within the Access Management Operations is responsible for the execution of established security controls pertaining to identity and access. This includes the centralized provisioning of user identities, the user accounts linked to those identities, management of user access, privileged access, as well as the selection and integration of identity management tools. The Senior Analyst, Identity Lifecycle Management is responsible for supporting the achievement of the Bank’s information security objectives of integrity, confidentiality/privacy, availability, and continuity by:

• Ensuring logical access control is effectively implemented across the Enterprise.

• Addressing logical access and risks commensurate with the Bank’s risk appetite.

• Providing support for logical access working with MS Active Directory (on prem), LDAP, provisioning access on user’s local workstation, access on vFiler shares, privileged access management.

• Supporting the business to understand their responsibilities with respect to logical access controls.

Project: Remediation of audit findings of privilege IDs.

Typical Day in Role:

• Continuously provides value and consistency added to the user and customer experience by improvising workflows associated with bank’s onboarding and Logical Access platforms

• Perform required tasks for Logical Access Control; tasks relevant to Identity & Access Management including access request, access provision/deprovision, communication, and documentation of operational processes and procedures, etc.

• Process Add/remove/change activities, and provide support on access issues for: AD User ID, ScotiaID, Entra ID, AD Security Groups, Entra Groups.

• Utilize troubleshooting skills to understand moderately complex systems/issues related to user Identity and access, and potential root causes.

• Liaise with 2nd and 3rd level support when required.

• Provide reports and data, as requested, for audits and walkthroughs of internal controls IAMOPS ILM owned processes.

Candidate Requirements/Must-Have skills:

1. 9+ years of experience managing Users and Groups in on-prem Microsoft Active Directory and LDAP

2. 3-5+ years of experience with PowerShell scripting for AD administration tasks

3. Advanced Excel data management skills (working with big reports)

4. 2-3+ years of experience with ServiceNow, SQL/Oracle

5. 3-5+ years of experience with SailPoint IIQ, CyberArk (or similar) PAM solution for Privilege ID onboarding and management

Nice-To-Have Skills:

1. MS Azure and Entra ID management experience

2. Previous Banking/FI experience

3. Power BI experience

4. Technical and Security Designation is an asset (MCSE\MCSA, CISSP, Security+)

Best vs. Average Candidate:

• The best candidate is someone with advanced AD identity management and PowerShell scripting skills

• Proactive and consistently seeks solutions for problems, has good time management skills.

Education:

• Post-secondary degree in a technical field such as computer science, computer engineering or equivalent work experience

Candidate Review & Selection

1 round Panel technical Interview - remote or on-site in person(preferred) (45 minutes)

-Assess both technical and soft skills

-Possibility of a second round interview