IAM Architect,Enterprise Security - Identity Access Management

About The Position

Requirements

• 10+ years in IAM space with 3+ years in an Architect Role.
• 5+ years of experience working within CIAM space (ForgeRock, Okta, Ping Identity, Microsoft Entra ID, etc.)
• 3+ years of hands-on experience with ForgeRock \ PingAM \ PingOne Advanced Identity Cloud
• Experience with REST APIs, JSON, and scripting languages (Python, JavaScript, NodeJS).
• Experience with programming languages (Java), SIEM integrations and security monitoring.
• Strong understanding of various MFA technologies along with pro/con of each.
• Experience developing and documenting CIAM directives, standards and policies.
• Experience with designing and implementing authentication and credential management flows based on channel requirements.
• Experience in scoping, sizing and prioritizing solutions for a project.
• Previous experience working within Banking Sector.
• Experience of preparation of presentation decks and presenting to senior leadership.

Nice To Haves

• Security certifications such as CISSP, CCSP and vendor specific IAM certifications are preferred.

Responsibilities

• Responsible for the architecture and design of new features/capabilities Scotiabank is looking to introduce into the IAM platform (ForgeRock / Ping / PingOne Advanced Identity Cloud)
• Provide subject matter expertise surrounding the various security controls (MFA, Device Binding, Session Control) within ForgeRock\Ping platform
• Work with application domain architects to design solutions and patterns for migration of business applications to next gen CIAM capabilities (on-prem or SaaS platforms)
• Review the business requirements (the “what”) provided by the IAM Product team and provide the overall architectural design (the “how”) to the IAM Engineering team to build into the IAM service.
• Provide required design artifacts to key stakeholders which clearly outlines the solution, components involved, key decisions, and time and cost estimates
• Closely collaborate with IAM Engineering partners in all aspects of the design and ensure alignment and synergy regarding proposed solution.
• Evaluate new authentication capabilities introduced into the ever-changing IAM landscape and account for what is applicable into proposed designs (short-term and long-term)
• Partner with various cross functional architect teams (IAM, security, business channel, fraud) to solidify design approach which aligns with best practices and strategic direction of the platform
• Collaborate with stakeholders across the Bank - technology, security architecture, security advisory, fraud, compliance and business channel teams – to provide enterprise grade solutions which meet the business and security requirements
• Represent the CIAM Architecture team on various governance boards but providing both expertise and the required artifacts necessary to ensure stakeholder approval
• Design based on strong CIAM expertise that aligns with industry standards (FIDO, OIDC, OAUTH), best practices (MFA, NIST 800-63B) and a forward-looking mentality (Passkeys, VCs, DIDs)

Benefits

• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
• Competitive Rewards program including bonus, flexible vacation, personal, sick days, and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs.