Security Architect

4 weeks ago


Toronto, Canada Agilus Work Solutions Full time

Senior Security Platform Specialist (SailPoint IdentityNow Architect)


Role & Responsibility

The Senior Security Platform Specialist is a member of the Identity and Access Management (IAM) team responsible for operating and maintaining Identity Management, Secrets Management and Privileged Access Management (PAM) platforms for the enterprise.



Key Capabilities & Responsibilities:


  • Define strategic security architectures across hybrid technology stacks and cloud hosted IAM, PAM and Secrets Management platforms
  • Act as an SME on IAM and PAM platforms, evaluating, designing, and testing solutions and technologies aligned with the enterprise security platforms, including SailPoint IdentityNow, CyberArk PAM, HashiCorp Vault for Secrets Management, Microsoft Active Directory and Azure Active Directory
  • Define solutions realizing workforce and customer IAM capabilities, develop and evolve solution architectures and designs, demonstrate solutions meet stakeholders’ requirements, and obtain approval on the architectures and designs at the architecture review board
  • Deliver architectures and designs in both agile and iterative waterfall project delivery models, and propose and implement enhancements to improve the viability of the solutions to meet program timelines, budget, and quality measurements
  • Author patterns to drive reuse of IAM, PAM and Secrets Management solutions across the organization
  • Be an authoritative and trusted partner with deep, practical experience in workforce and customer IAM, Secrets Management, PAM and solution architecture best practices to various business and functional areas across the organization, as well as to various risk management and governance functions
  • Liaise with cloud, integration, data, digital, security and infrastructure architecture, development, and engineering teams to ensure that all solution architecture views are defined and elaborated
  • Develop documentation, architectural, design and workflow diagrams, and test scripts
  • Identify and communicate high-level gaps and issues in primary functional areas
  • Review solutions to ensure new and existing applications are implemented to the standards utilizing the RBAC and Zero Trust Security Frameworks
  • Proactively identify security technology reuse goals and opportunities
  • Direct the research and evaluation of emerging IAM and PAM technologies, industry, and market trends; and ensure recommendations are based on business relevance, current standards and best practices, appropriate timing, and deployment



Implementation Experience:


  • Must have hands-on experience designing and deploying large-scale enterprise Identity Governance & Administration solutions, including Identity Management (Provisioning, Enrolment, De-provisioning), Access Management, Authentication, Authorization, Role Based Access Control (RBAC), Identity Governance (Attestation, Re-certification, Reconciliation), Identity Federation, Single Sign-On (Desktop SSO, Web SSO, eSSO), Privileged Access/User Management (PAM/PUM), Security and IAM management for cloud based solutions, including IaaS, PaaS, SaaS and IDaaS, Social Login, Identity Analytics, Identity Trust Frameworks
  • Must have hands-on experience installing, configuring, testing, maintaining and troubleshooting Identity, Access, Governance and Audit Management platforms, e.g. SailPoint IIQ IdentityNow, Azure Active Directory, Windows Active Directory, CyberArk
  • Strong architecture experience with Privileged Access Management Solutions (CyberArk, etc.)
  • Strong knowledge of Directory Services – Active Directory and Azure Active Directory
  • Subject matter expert in the following IAM technologies: LDAP, SAML, OAuth, OpenID Connect (OIDC), XACML, NAPPS, WS-Fed, FIDO, UMA, SCIM, IWA, etc.
  • Hands-on experience in designing and implementing integrations with ServiceNow and end-to-end workflow automation for full circle fulfillment
  • Governance, planning, and delivery of enterprise-level IAM program based on zero-trust (Identity, access, privileged access, SSO federation, cloud, MFA)
  • Experience in implementing security hardening in cloud-based systems, endpoint, and cloud infrastructure
  • Design of SIEM use cases, playbooks, and detection and response plans as they relate to IAM
  • Maintain security, backup, and redundancy strategies for IAM platforms
  • Document standard operating procedures and protocols
  • Lead in the creation and updates of technical project documentation (i.e. technical and configuration runbook, implementation plan, etc.)
  • Experience in leading the team in supporting Level 2, 3 and/or 4 escalation for production incidents


In Scope Key Candidate Skills


  • Greenfield Identity & Access Management Platforms
  • SailPoint IdentityNow
  • CyberArk Privileged Access Management
  • HashiCorp Vault
  • Windows Active Directory
  • Azure Active Directory
  • Authentication & Authorization Protocols (SAML, OAuth, OIDC)
  • Azure AD Privileged Identity Management (PIM)
  • Zero-Trust and NIST Identity Frameworks
  • Multi-Factor Authentication
  • Least Privilege RBAC and Segregation of Duties
  • Microsoft M365
  • Cloud Platform IAM (Azure, GCP, AWS)
  • Infrastructure as Code
  • PowerShell



Qualifications:


  • A University degree plus at least 5 years' experience with IAM and PAM architectures and security
  • Extensive knowledge and experience of IAM and PAM-related security capabilities (i.e. provisioning, birthright roles, entitlements, segregation of duties, authentication, authorization, human and non-human credential and role management, access certification, logging, analytics and reporting, privileged access management, etc.) and their realization across workforce and customer populations
  • 5+ years of hands-on working experience participating in the design and engineering of enterprise-scale SailPoint IdentityNow and CyberArk PAM solutions
  • Diverse solutioning experience in a variety of environments, platforms, and channels, including multi-cloud, SaaS, on-prem, off-prem, mainframe, web, mobile, call centre, public clients, etc.
  • Hands-on experience in using a variety of protocols and standards in solutions, including SAML, OAuth, OIDC, XACML, SCIM, FIDO2, Human Workflow with ServiceNow, NIST 800-63, NIST 800-207 Zero Trust Framework, etc.
  • 5+ years’ experience with Microsoft Windows AD, Azure AD, and LDAP
  • 5+ years’ experience with SailPoint and Java, JavaScript, Beanshell, JSON, XML, RPC, SQL, Python and REST development
  • One or more IAM and PAM certifications (SailPoint Certified IdentityIQ Architect and/or SailPoint Certified IdentityNow Engineer, CyberArk Sentry and/or Guardian)
  • One or more industry recognized architecture professional designations (e.g. TOGAF, SABSA, etc.) is an asset
  • One or more industry recognized information security professional designations (e.g. CISSP, CISA, etc.) is an asset
  • Experience in Digital Applications, Salesforce Financial Services Cloud, Azure, GCP cloud services platforms is an asset

